防止表单重复提交
*************************************************************************
// 提供一个注册页面
public class RegistUIServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
// // 生成一个随机的令牌(token: 唯一的数据,但是不定长)
// String token = "" + System.currentTimeMillis() + new Random().nextLong() + "";
// // 算数据指纹,用MD5算法,得到定长的令牌
// token = MD5Util.md5(token);
// 通用的唯一标识符:使用UUID方式生成一段唯一的序列,也是定长的
String token = UUID.randomUUID().toString();
// 放入HttpSession中
request.getSession().setAttribute("token", token);
out.write("<form id='f1' action='"+request.getContextPath()+
"/servlet/RegistServlet' method='post'>");
out.write("姓名: <input type='text' name='name' /><br/><br/>");
// 设置一个隐藏的token,用来与HttpSession中的token校验
out.write("<input type='hidden' name='token' value='"+token+"' />");
// 防止按钮重复提交
out.write("<input id='bt1' type='button' value='注册' οnclick='toSubmit()' /></form>");
out.write("<script type='text/javascript'> function toSubmit(){
document.getElementById('f1').submit();
document.getElementById('bt1').disabled='true';}</script>");
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
*************************************************************************
// 防止表单重复提交 原理如下图
public class RegistServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
request.setCharacterEncoding("UTF-8");
PrintWriter out = response.getWriter();
String name = request.getParameter("name");
// 判断用户是否重复提交
String formToken = request.getParameter("token");
String sessionToken = (String) request.getSession().getAttribute("token");
if(formToken.equals(sessionToken)){// 注: 要formToken在前,否则会出现空指针
// 正常提交,并删除session中的token
System.out.println("数据库保存了: " + name);
request.getSession().removeAttribute("token");
}else{
out.write("请不要重复提交");
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
*************************************************************************
// MD5加密
public class MD5Util {
public static String md5(String message){
try {
MessageDigest md = MessageDigest.getInstance("md5");
// 得到一个字节序列 : 比如 1010000110010010100011100
byte[] b = md.digest(message.getBytes());
// 得到BASE64编码
BASE64Encoder base64 = new BASE64Encoder();
// 采用Base64编码转换字节序列为明文
return base64.encode(b);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
*************************************************************************
// 提供一个注册页面
public class RegistUIServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
// // 生成一个随机的令牌(token: 唯一的数据,但是不定长)
// String token = "" + System.currentTimeMillis() + new Random().nextLong() + "";
// // 算数据指纹,用MD5算法,得到定长的令牌
// token = MD5Util.md5(token);
// 通用的唯一标识符:使用UUID方式生成一段唯一的序列,也是定长的
String token = UUID.randomUUID().toString();
// 放入HttpSession中
request.getSession().setAttribute("token", token);
out.write("<form id='f1' action='"+request.getContextPath()+
"/servlet/RegistServlet' method='post'>");
out.write("姓名: <input type='text' name='name' /><br/><br/>");
// 设置一个隐藏的token,用来与HttpSession中的token校验
out.write("<input type='hidden' name='token' value='"+token+"' />");
// 防止按钮重复提交
out.write("<input id='bt1' type='button' value='注册' οnclick='toSubmit()' /></form>");
out.write("<script type='text/javascript'> function toSubmit(){
document.getElementById('f1').submit();
document.getElementById('bt1').disabled='true';}</script>");
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
*************************************************************************
// 防止表单重复提交 原理如下图
public class RegistServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
request.setCharacterEncoding("UTF-8");
PrintWriter out = response.getWriter();
String name = request.getParameter("name");
// 判断用户是否重复提交
String formToken = request.getParameter("token");
String sessionToken = (String) request.getSession().getAttribute("token");
if(formToken.equals(sessionToken)){// 注: 要formToken在前,否则会出现空指针
// 正常提交,并删除session中的token
System.out.println("数据库保存了: " + name);
request.getSession().removeAttribute("token");
}else{
out.write("请不要重复提交");
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
*************************************************************************
// MD5加密
public class MD5Util {
public static String md5(String message){
try {
MessageDigest md = MessageDigest.getInstance("md5");
// 得到一个字节序列 : 比如 1010000110010010100011100
byte[] b = md.digest(message.getBytes());
// 得到BASE64编码
BASE64Encoder base64 = new BASE64Encoder();
// 采用Base64编码转换字节序列为明文
return base64.encode(b);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
*************************************************************************