1.配置拦截器
spring-mvc.xml
<mvc:interceptors>
    <!-- Checks whether the request belongs to a logged-in user. Declared without a
         mapping, so it applies to every request. -->
    <bean class="com.xjkcsj.core.aspect.LoginInterceptor"/>
    <!-- Prevents duplicate form submission. Mapped to every path, but TokenInterceptor
         only acts on handler methods that carry the @Token annotation. -->
    <mvc:interceptor>
        <mvc:mapping path="/**"/>
        <bean class="com.xjkcsj.core.aspect.TokenInterceptor"/>
    </mvc:interceptor>
</mvc:interceptors>
2.写注解类
/**
 * Marks a controller method as taking part in the one-time form token exchange
 * enforced by {@code TokenInterceptor}.
 *
 * <p>Both flags default to {@code false}, so an un-configured {@code @Token} has no effect.
 * The annotation is retained at runtime because the interceptor reads it reflectively.
 *
 * @author weixiaodong
 */
@Retention(value = RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD})
public @interface Token {

    /**
     * When {@code true}, a fresh token is stored in the session before the handler runs.
     * Put this on the method that renders the form.
     */
    boolean save() default false;

    /**
     * When {@code true}, the submitted token is checked against the session and removed.
     * Put this on the method that receives the form.
     */
    boolean remove() default false;
}
3.写拦截器,反射读注解,判断是否提交过
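/**
 * Interceptor that prevents duplicate form submission with a one-time session token.
 *
 * <p>It must be registered as an interceptor in the Spring MVC configuration. For handler
 * methods annotated with {@link Token}:
 * <ul>
 *   <li>{@code save = true}: a new random token is stored in the session under
 *       {@code "token"} before the handler runs. Each such request overwrites the previous
 *       token, so only the most recently rendered form in a session can be submitted.</li>
 *   <li>{@code remove = true}: the {@code "token"} request parameter must equal the session
 *       token. On success the token is removed, so a second submission of the same form is
 *       rejected; on failure the request is redirected to {@code /error_401}.</li>
 * </ul>
 * Handler methods without {@code @Token(remove = true)} are not checked at all.
 *
 * @author weixiaodong
 */
public class TokenInterceptor extends HandlerInterceptorAdapter {

    /** Name of both the session attribute and the request parameter that carry the token. */
    private static final String TOKEN_KEY = "token";

    /**
     * Issues and/or consumes the form token according to the handler's {@link Token} annotation.
     *
     * @param request  current request
     * @param response current response; receives the redirect when the token check fails
     * @param handler  chosen handler; only {@code HandlerMethod} instances are inspected
     * @return {@code false} after redirecting a rejected submission, otherwise {@code true}
     *         (or the superclass result for handlers that are not {@code HandlerMethod}s)
     * @throws Exception if the redirect or the superclass call fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request,
            HttpServletResponse response, Object handler) throws Exception {
        if (!(handler instanceof HandlerMethod)) {
            return super.preHandle(request, response, handler);
        }
        Method method = ((HandlerMethod) handler).getMethod();
        Token annotation = method.getAnnotation(Token.class);
        if (annotation == null) {
            return true;
        }
        if (annotation.save()) {
            request.getSession(true).setAttribute(TOKEN_KEY,
                    UUID.randomUUID().toString());
        }
        if (annotation.remove() && !consumeToken(request)) {
            response.sendRedirect(request.getContextPath() + "/error_401");
            return false;
        }
        return true;
    }

    /**
     * Validates the submitted token and, if it matches, removes it from the session.
     *
     * <p>The check and the removal happen under one lock. Done as two separate steps, two
     * near-simultaneous submissions (a double click) could both pass the check before either
     * removed the token, which is exactly the case this interceptor exists to stop. The lock
     * is this interceptor instance, so it only serialises requests inside one JVM.
     * NOTE(review): with sessions shared across several nodes an atomic operation in the
     * session store is needed instead; confirm the deployment model.
     *
     * @param request current request
     * @return {@code true} if the token matched and was consumed, {@code false} if the
     *         session, the session token or the submitted token is missing or does not match
     */
    private synchronized boolean consumeToken(HttpServletRequest request) {
        // A request without a session cannot hold a token; do not create a session for it.
        if (request.getSession(false) == null) {
            return false;
        }
        Object serverToken = request.getSession(true).getAttribute(TOKEN_KEY);
        String clientToken = request.getParameter(TOKEN_KEY);
        if (!(serverToken instanceof String) || clientToken == null) {
            return false;
        }
        // The parameter is client-controlled; compare without an early exit on the first
        // differing byte.
        byte[] expected = ((String) serverToken)
                .getBytes(java.nio.charset.StandardCharsets.UTF_8);
        byte[] submitted = clientToken
                .getBytes(java.nio.charset.StandardCharsets.UTF_8);
        if (!java.security.MessageDigest.isEqual(expected, submitted)) {
            return false;
        }
        request.getSession(true).removeAttribute(TOKEN_KEY);
        return true;
    }
}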
4.form中加隐藏的input
<!-- Hidden field named "token": TokenInterceptor reads this request parameter and compares
     it with the session's "token" attribute. NOTE(review): ${token} presumably resolves to
     that session attribute through the view's scope lookup; confirm for the template
     engine in use. -->
<input type="hidden" name="token" value="${token}"/>
到此为止,自定义的Token注解就配置完了,接下来就是注解加在哪里。下面的两个方法,一个加@Token(save=true),这个方法是跳转到要提交的表单页面的方法;另一个加@Token(remove=true),这个方法是提交表单的方法。注意:每次进入加了@Token(save=true)的方法都会覆盖会话中原有的token,因此同一会话同时打开多个表单页面时,只有最后打开的那个页面能提交成功。
/**
 * Renders the membership confirmation page (step 2 of the application).
 *
 * <p>{@code @Token(save = true)} makes the token interceptor store a fresh token in the
 * session before this method runs, so the confirmation form can embed it.
 *
 * NOTE(review): the stored file paths and the bound form data are handed to the view here;
 * if the view sends them back as form fields, the submit handler receives them as
 * client-controlled input and should validate them again.
 *
 * @param request              current request, passed to the upload helper
 * @param memberapply          application data bound from the request
 * @param memberApplyChildArry wrapper around the bound child rows
 * @return the {@code website/apply/applyInfo} view with the application data and {@code step = 2}
 */
@Token(save = true)
@RequestMapping(value = "/save", method = RequestMethod.POST)
public ModelAndView saveApply(HttpServletRequest request,Memberapply memberapply, MemberApplyChildArry memberApplyChildArry) {
    ModelAndView confirmView = new ModelAndView("website/apply/applyInfo");

    // Copy the stored paths of the two optional uploads onto the application.
    Map<String, String> uploadedPaths = FileUpload.tranferFile(request, "member");
    if (uploadedPaths != null) {
        if (uploadedPaths.containsKey("file")) {
            memberapply.setHyd80704dwlog67(uploadedPaths.get("file"));
        }
        if (uploadedPaths.containsKey("file1")) {
            memberapply.setHyd80704tydmz71(uploadedPaths.get("file1"));
        }
    }

    Memberapplychild[] childRows = memberApplyChildArry.getMemberapplychilds();
    if (childRows != null) {
        confirmView.addObject("memberapplychild", childRows);
    }
    confirmView.addObject("memberapply", memberapply);
    confirmView.addObject("step", 2);
    return confirmView;
}
/**
 * Submits the membership application.
 *
 * <p>{@code @Token(remove = true)} makes the token interceptor validate and consume the form
 * token before this method runs, so a repeated submission of the same form does not reach it.
 * The method stores the application, stores its child rows, and creates one task record for
 * every user assigned to the "会员管理岗" actor.
 *
 * NOTE(review): {@code memberapply} is bound from request parameters and only its record
 * number, record time and status are overwritten here; every other field is stored as
 * submitted. The organisation name also ends up in the task title, so it must be encoded
 * wherever that title is rendered. Whether these inserts share a transaction is not
 * visible in this method.
 *
 * @param memberapply          application data bound from the request
 * @param memberApplyChildArry wrapper around the bound child rows
 * @return the {@code website/apply/finish} view
 */
@Token(remove = true)
@RequestMapping(value = "/submit", method = RequestMethod.POST)
public ModelAndView memberApply(Memberapply memberapply, MemberApplyChildArry memberApplyChildArry) {
    // Main record: server-side id, timestamp and status replace whatever was bound.
    final String applyNo = TableHelper.getNextID("hydjbQ18070400008");
    memberapply.setRecorderno(applyNo);
    final Timestamp now = new Timestamp(System.currentTimeMillis());
    memberapply.setRecordtime(now);
    memberapply.setCurstatus(2);
    final String company = memberapply.getHyd80704dwmc066(); // organisation name
    memberapplyService.insertSelective(memberapply);

    // Child table rows: qualification level and scope, linked to the main record.
    Memberapplychild[] childRows = memberApplyChildArry.getMemberapplychilds();
    if (childRows != null) {
        for (Memberapplychild childRow : childRows) {
            childRow.setRecorderno(TableHelper.getNextID("zzdjjQ18080100001"));
            childRow.setCurstatus(2);
            childRow.setLinkrecordid(applyNo);
            childRow.setRecordtime(now);
            memberapplychildService.insertSelective(childRow);
        }
    }

    // One task per assignee; the first task id doubles as the shared group number.
    String actorID = actorDefineService.findByActorName("会员管理岗");
    List<String> accepters = actorAssignService.selectByActorID(actorID);
    final String groupNo = TableHelper.getNextID("TaskSender");
    final String linkUrl = "/ProjManager/page/memberapply?taskActionType=info&curRecorderNO=" + applyNo + "&isOpen=true&smid=" + groupNo;
    final String title = "【" + company + "】发起的入会申请流程";
    String workOrderNo = groupNo;
    for (String accepter : accepters) {
        TaskSender task = new TaskSender();
        task.setWorkorderno(workOrderNo);
        task.setSameorderno(groupNo);
        task.setAccepter(accepter);
        task.setReflinkurl(linkUrl);
        task.setMsgstatus(2);
        task.setTasktitle(title);
        task.setTaskmsgtype("网站任务");
        task.setTaskcardkey("WEBTask");
        task.setTaskcardval("入会申请");
        task.setRecordtime(now);
        task.setCurstatus(2);
        taskSenderService.insertSelective(task);
        // Reserve the id for the next task (one id is also drawn after the last task).
        workOrderNo = TableHelper.getNextID("TaskSender");
    }
    return new ModelAndView("website/apply/finish");
}