防止表单重复提交
可以两重防护:JS和一个"令牌":
<form onsubmit="return check()"
js代码:
<script type="text/javascript">
var is=false;
function check(){
if(!is){
is=true;
return true;
}
else
return false;
}
</script>
可以两重防护:JS和一个"令牌";
public class formServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html");
PrintWriter out = response.getWriter();
//产生随机数(表单号)
TokenProcessor tp=TokenProcessor.getInstance();
String token=tp.generateToken();
request.getSession().setAttribute("token",token);
//request.setAttribute("token",token);
request.getRequestDispatcher("/session/form.jsp").forward(request,response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
//Token令牌的意思
class TokenProcessor{
private TokenProcessor(){}
private static final TokenProcessor instance=new TokenProcessor();
public static TokenProcessor getInstance() {
return instance;
}
public String generateToken(){
String token=System.currentTimeMillis()+new Random().nextInt()+"";
try {
MessageDigest md=MessageDigest.getInstance("md5");
//不管token有多大,都只会返回一个128位,16个长度
byte[] md5=md.digest(token.getBytes());
BASE64Encoder be=new BASE64Encoder();
return be.encode(md5);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
}
验证用户是否正确:
public class form_01 extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html");
PrintWriter out = response.getWriter();
// String name=request.getParameter("name");
// String password=request.getParameter("password");
String token=request.getParameter("hidden1");
System.out.println(token);
if(token!=null&&request.getSession(false).getAttribute("token").equals(token)){
System.out.println("用户注册......");
}
else System.out.println("用户注册失败");
}
}