简单令牌原理
当前台点击submit按钮后,信息提交到后台,但是如果用户又继续刷新页面,那么同一份表单将会被重复提交。
因此为了避免重复提交,在向后台提交的时候,用js把当前提交时的时间转成时间串,随表单同步
提交给后台,这时候后台把它和后台session里面保存的时间串对比。当然第一次提交的时候
session里面的时间信息是空的,所以可以执行提交内容。当二次提交的时候,前台传过去的
时间串会和后台session里面第一次存的时间串对比:如果不同,则说明不是重复提交,可以
执行提交内容;但是如果session里面的时间串和前台传过来的时间串一样,那么说明是重复
提交,直接不执行提交,而是返回给原页面。
注意:这个时间串由浏览器生成,只能防止刷新造成的意外重复提交,不能当作防CSRF的安全令牌;需要防止伪造请求时,令牌应由服务端随机生成,并在校验后作废。
实现部分
--前台代码
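<%@ page language="java" import="java.util.*" pageEncoding="GB18030"%>
<%@page import="com.xiaofu.db.model._MessageBox"%>
<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%--
  Message board page: lists every stored message and offers a form that posts
  a new one to MessCon?type=2.

  Every value that originates from a user (author name, message text, the
  "user" request attribute) is written through <c:out>, which HTML-escapes it.
  Emitting these with a bare scriptlet expression would let a stored message
  inject markup or script into every visitor's page.
--%>
<%
// NOTE(review): basePath is built from request.getServerName(), which in many
// deployments reflects the client-supplied Host header; confirm the container
// or a front proxy restricts accepted host names.
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'welcome.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!-- <link rel="stylesheet" type="text/css" href="styles.css"> -->
</head>
<script type="text/javascript" language="javascript">
// Appends the submit-time stamp as the "times" query parameter, which is the
// name the servlet reads. The stamp only distinguishes a fresh click from a
// browser refresh of the same request; it is generated client-side and is
// therefore not a CSRF token.
function notAcc(){
    var form = document.getElementById("mt");
    var stamp = new Date().getTime();
    form.action = form.action + "&times=" + stamp;
    return true;
}
</script>
<body>
<h1>欢迎<c:out value='<%=request.getAttribute("user")%>'/>登录留言板</h1>
<hr/>
<table border="1">
<tr><td>留言人</td><td>留言时间</td><td>留言信息</td></tr>
<%
// The list is placed in the request by MessCon; it is absent when the page is
// opened directly, so guard against null instead of failing with an NPE.
ArrayList<_MessageBox> almb = (ArrayList<_MessageBox>)request.getAttribute("almb");
if (almb != null) {
    for(_MessageBox mb:almb){
%>
<tr><td><c:out value='<%=mb.getSs().getName()%>'/></td><td><c:out value='<%=mb.getMbTime()%>'/></td><td><c:out value='<%=mb.getMbMess()%>'/></td></tr>
<%
    }
}
%>
</table>
<hr/>
<form action="MessCon?type=2" method="post" id="mt">
<%-- NOTE(review): the author name travels in a hidden field, so the client can
     change it before submitting; the server should take the author from the
     authenticated session rather than trust this value. --%>
<input type="hidden" value="<c:out value='<%=request.getAttribute("user")%>'/>" name="user"/>
<table>
<tr><td><textarea name="AddMess" style="width: 250px;height: 100px;"></textarea></td></tr>
<tr><td><input type="submit" value="提交" onclick="notAcc()"/><input type="reset" value="提交"/></td></tr>
</table>
</form>
</body>
</html>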
--后台代码
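package com.xiaofu.db.control;

import java.io.IOException;
import java.sql.SQLException;
import java.util.ArrayList;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.xiaofu.db.dao.MessageBoxDAO;
import com.xiaofu.db.model._MessageBox;

/**
 * Message board controller.
 *
 * <p>Dispatches on the {@code type} request parameter: {@code 1} lists all
 * messages, {@code 2} stores a new message guarded by a duplicate-submission
 * check based on the {@code times} parameter.
 *
 * <p>A servlet instance is shared by all request threads, so per-request state
 * (the parsed type, the message list, the duplicate flag) is kept in local
 * variables. Holding it in instance fields would let one user's request
 * overwrite another's decision.
 *
 * <p>NOTE(review): the {@code times} stamp is chosen by the client. It detects
 * a browser refresh of the same request but does not authenticate the request;
 * it is not a CSRF defence. Type 2 is also reachable through GET because
 * {@code doPost} and {@code doGet} share one code path.
 */
public class MessCon extends HttpServlet {

    // NOTE(review): shared across request threads; assumes MessageBoxDAO is
    // safe for concurrent use - confirm against its implementation.
    private MessageBoxDAO mbDAO = null;

    /** Initialization: creates the DAO used by every request. */
    @Override
    public void init() {
        mbDAO = new MessageBoxDAO();
    }

    /**
     * Routes the request according to the {@code type} parameter.
     *
     * @param req current request
     * @param res current response; receives 400 when {@code type} is missing,
     *            not a number, or not a known operation
     * @throws ServletException if the underlying database call fails
     * @throws IOException if forwarding or writing the error response fails
     */
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse res)
            throws ServletException, IOException {
        int type;
        try {
            type = Integer.parseInt(req.getParameter("type"));
        } catch (NumberFormatException e) {
            // Missing or non-numeric type: answer with a client error instead
            // of letting the exception surface as a server error.
            res.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        switch (type) {
        case 1: // after login: fetch and show all messages
            getAllMess(req, res);
            break;
        case 2: // store a new message
            setNesMess(req, res);
            break;
        default:
            res.sendError(HttpServletResponse.SC_BAD_REQUEST);
            break;
        }
    }

    /**
     * Stores the submitted message unless the request is a repeat of the
     * previous submission, then forwards to the message list in every case so
     * the client never receives an empty response.
     *
     * @throws ServletException if the insert fails or the forward fails
     * @throws IOException if the forward fails
     */
    private void setNesMess(HttpServletRequest req, HttpServletResponse res)
            throws ServletException, IOException {
        // NOTE(review): the author name is read from a client-controlled form
        // field, so a client can post under any name. It should come from the
        // authenticated session; the login code is not visible here.
        String user = req.getParameter("user");
        String message = req.getParameter("AddMess");

        // Token control: always evaluated first so the session stamp is
        // updated even when the message itself is empty.
        boolean fresh = isFreshSubmission(req);

        if (fresh && message != null && message.length() > 0) {
            try {
                if (!mbDAO.doInsertMessage(user, message)) {
                    log("doInsertMessage reported that the message was not stored");
                }
            } catch (SQLException e) {
                throw new ServletException("Failed to store message", e);
            }
        }

        req.setAttribute("user", user);
        req.getRequestDispatcher("MessCon?type=1").forward(req, res);
    }

    /**
     * Decides whether this request is a new submission by comparing the
     * {@code times} parameter with the stamp remembered in the session, and
     * remembers the new stamp.
     *
     * <p>A request without a stamp is rejected. Storing a null stamp would
     * remove the session attribute and make the next request look like a first
     * submission, so omitting the parameter would switch the check off.
     *
     * <p>NOTE(review): the compare-then-store sequence is not atomic; two
     * simultaneous requests with the same stamp on one session could both be
     * accepted.
     *
     * @return {@code true} when the message may be stored
     */
    private boolean isFreshSubmission(HttpServletRequest req) {
        String submitted = req.getParameter("times");
        if (submitted == null || submitted.length() == 0) {
            return false;
        }

        Object previous = req.getSession().getAttribute("time");
        req.getSession().setAttribute("time", submitted);

        if (previous == null) {
            // Nothing remembered yet: this is the first submission.
            System.out.println("session 为空");
            return true;
        }
        if (previous.equals(submitted)) {
            System.out.println("你正在刷新重复提交");
            return false;
        }
        System.out.println("session里面有值,但是和传递过来的time不相等");
        return true;
    }

    /**
     * Loads every message and forwards to {@code welcome.jsp} with the list in
     * the {@code almb} request attribute. The {@code user} attribute, if a
     * previous stage set one, is left as it is.
     *
     * @throws ServletException if the query fails or the forward fails
     * @throws IOException if the forward fails
     */
    private void getAllMess(HttpServletRequest req, HttpServletResponse res)
            throws ServletException, IOException {
        ArrayList<_MessageBox> messages;
        try {
            messages = mbDAO.getAllMessage();
        } catch (SQLException e) {
            throw new ServletException("Failed to load messages", e);
        }
        req.setAttribute("almb", messages);
        req.getRequestDispatcher("welcome.jsp").forward(req, res);
    }

    /** Handles POST exactly like GET. */
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse res)
            throws ServletException, IOException {
        this.doGet(req, res);
    }
}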