防止表单重复提交

可以两重防护：JS和一个"令牌"：

<form onsubmit="return check()"

js代码:

可以两重防护：JS和一个"令牌"；
public class formServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html");
PrintWriter out = response.getWriter();

//产生随机数（表单号）
TokenProcessor tp=TokenProcessor.getInstance();
String token=tp.generateToken();
request.getSession().setAttribute("token",token);
//request.setAttribute("token",token);
request.getRequestDispatcher("/session/form.jsp").forward(request,response);
}

public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}

}
//Token令牌的意思
class TokenProcessor{
private TokenProcessor(){}
private static final TokenProcessor instance=new TokenProcessor();
public static TokenProcessor getInstance() {
return instance;
}
public String generateToken(){

String token=System.currentTimeMillis()+new Random().nextInt()+"";
try {
MessageDigest md=MessageDigest.getInstance("md5");
//不管token有多大，都只会返回一个128位，16个长度
byte[] md5=md.digest(token.getBytes());
BASE64Encoder be=new BASE64Encoder();
return be.encode(md5);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}

}
}

验证用户是否正确：

public class form_01 extends HttpServlet {

public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html");
PrintWriter out = response.getWriter();
// String name=request.getParameter("name");
// String password=request.getParameter("password");
String token=request.getParameter("hidden1");
System.out.println(token);
if(token!=null&&request.getSession(false).getAttribute("token").equals(token)){
System.out.println("用户注册......");
}
else System.out.println("用户注册失败");

}

posted @ 2016-04-26 20:51 戒。阅读(145) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

防止表单重复提交

公告