自定义token注解,防止表单重复提交

  1. 配置过滤器

 spring-mvc.mxl

  <mvc:interceptors>
        <!--判断是否是登录转台-->
        <bean class="com.xjkcsj.core.aspect.LoginInterceptor"/>
        <!--防止表单重复提交-->
        <mvc:interceptor>
            <mvc:mapping path="/**"/>
            <bean class="com.xjkcsj.core.aspect.TokenInterceptor"/>
        </mvc:interceptor>
    </mvc:interceptors>

2.写注解类

/**
 * 自定义Token注解
 * 
 * @author weixiaodong
 * 
 */
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface Token {

	boolean save() default false;

	boolean remove() default false;

}

3.写拦截器,反射读注解,判断是否提交过


/**
 * Token 拦截器,用于防止表单重复提交<br>
 * 
 * 需要再spring配置文件中配置拦截器
 * 
 * @author weixiaodong
 * 
 */
public class TokenInterceptor extends HandlerInterceptorAdapter {

	@Override
	public boolean preHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler) throws Exception {
		if (handler instanceof HandlerMethod) {
			HandlerMethod handlerMethod = (HandlerMethod) handler;
			Method method = handlerMethod.getMethod();
			Token annotation = method.getAnnotation(Token.class);
			if (annotation != null) {
				boolean needSaveSession = annotation.save();
				if (needSaveSession) {
					request.getSession(true).setAttribute("token",
							UUID.randomUUID().toString());
				}
				boolean needRemoveSession = annotation.remove();
				if (needRemoveSession) {
					if (isRepeatSubmit(request)) {
						response.sendRedirect(request.getContextPath()
								+ "/error_401");
						return false;
					}
					request.getSession(true).removeAttribute("token");
				}
			}
			return true;
		} else {
			return super.preHandle(request, response, handler);
		}
	}

	private boolean isRepeatSubmit(HttpServletRequest request) {
		String serverToken = (String) request.getSession(true).getAttribute(
				"token");
		if (serverToken == null) {
			return true;
		}
		String clinetToken = request.getParameter("token");
		if (clinetToken == null) {
			return true;
		}
		if (!serverToken.equals(clinetToken)) {
			return true;
		}
		return false;
	}
}

4.form中加隐藏的input

<input type="hidden" name="token" value="${token}"/>

到此为止自定义的token注解就配置完了,接下来就是注解加在哪里,下面的俩个方法,一个加@Token(save=true),这个方法是你跳到要提交的表单页面的方法,另一个加@Token(remove=true),这个方法是提交表单的方法

  /**
     * 跳转到会员确认页面
     *
     * @return
     */
    @Token(save = true)
    @RequestMapping(value = "/save", method = RequestMethod.POST)
    public ModelAndView saveApply(HttpServletRequest request,Memberapply memberapply, MemberApplyChildArry memberApplyChildArry) {
        ModelAndView mav = new ModelAndView("website/apply/applyInfo");
        Map<String,String> pathMap = FileUpload.tranferFile(request,"member");
        if(pathMap != null && pathMap.containsKey("file")){
            memberapply.setHyd80704dwlog67(pathMap.get("file"));
        }

        if(pathMap != null && pathMap.containsKey("file1")){
            memberapply.setHyd80704tydmz71(pathMap.get("file1"));
        }
        Memberapplychild[] memberapplychilds =memberApplyChildArry.getMemberapplychilds();
        if(memberapplychilds != null){
            mav.addObject("memberapplychild",memberapplychilds);
        }
        mav.addObject("memberapply",memberapply);
        mav.addObject("step", 2);
        return mav;
    }
    /**
     * 提交会员申请
     *
     * @param memberapply
     * @param
     * @return
     */
    @Token(remove = true)
    @RequestMapping(value = "/submit", method = RequestMethod.POST)
    public ModelAndView memberApply(Memberapply memberapply, MemberApplyChildArry memberApplyChildArry) {

        ModelAndView mav = new ModelAndView("website/apply/finish");
        String mPk = TableHelper.getNextID("hydjbQ18070400008");
        memberapply.setRecorderno(mPk);
        Timestamp timestamp = new Timestamp(System.currentTimeMillis());
        memberapply.setRecordtime(timestamp);
        memberapply.setCurstatus(2);
        String company = memberapply.getHyd80704dwmc066();//单位名称
        memberapplyService.insertSelective(memberapply);
        Memberapplychild[] memberapplychilds = memberApplyChildArry.getMemberapplychilds();
        //写入字表资质等级及范围
        if(memberapplychilds != null && memberapplychilds.length!=0) {
            for (Memberapplychild memberApplyChild : memberapplychilds) {
                memberApplyChild.setRecorderno(TableHelper.getNextID("zzdjjQ18080100001"));
                memberApplyChild.setCurstatus(2);
                memberApplyChild.setLinkrecordid(mPk);
                memberApplyChild.setRecordtime(timestamp);
                memberapplychildService.insertSelective(memberApplyChild);
            }
        }
        String actorID = actorDefineService.findByActorName("会员管理岗");
        List<String> list = actorAssignService.selectByActorID(actorID);
        String pk = TableHelper.getNextID("TaskSender");
        String spk = pk;//同组编号
        for (String accepter : list) {
            TaskSender taskSender = new TaskSender();
            taskSender.setWorkorderno(pk);
            taskSender.setSameorderno(spk);
            taskSender.setAccepter(accepter);
            taskSender.setReflinkurl("/ProjManager/page/memberapply?taskActionType=info&curRecorderNO=" + mPk + "&isOpen=true&smid=" + spk);
            taskSender.setMsgstatus(2);
            taskSender.setTasktitle("【" + company + "】发起的入会申请流程");
            taskSender.setTaskmsgtype("网站任务");
            taskSender.setTaskcardkey("WEBTask");
            taskSender.setTaskcardval("入会申请");
            taskSender.setRecordtime(timestamp);
            taskSender.setCurstatus(2);
            taskSenderService.insertSelective(taskSender);
            pk = TableHelper.getNextID("TaskSender");
        }
        return mav;
    }

 

评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值