JSP¡¢Struts±ÜÃâFormÖظ´Ìá½»µÄ¼¸ÖÖ·½°¸

1 javascript £¬ÉèÖÃÒ»¸ö±äÁ¿£¬Ö»ÔÊÐíÌá½»Ò»´Î¡£



2 »¹ÊÇjavascript£¬½«Ìá½»°´Å¥»òÕßimageÖÃΪdisable

onsubmit="getElById('submitInput').disabled = true; return true;">


3 ÀûÓÃstrutsµÄͬ²½ÁîÅÆ»úÖÆ
ÀûÓÃͬ²½ÁîÅÆ£¨Token£©»úÖÆÀ´½â¾öWebÓ¦ÓÃÖÐÖظ´Ìá½»µÄÎÊÌ⣬StrutsÒ²¸ø³öÁËÒ»¸ö²Î¿¼ÊµÏÖ¡£
»ù±¾Ô­Àí£º
·þÎñÆ÷¶ËÔÚ´¦Àíµ½´ïµÄÇëÇó֮ǰ£¬»á½«ÇëÇóÖаüº¬µÄÁîÅÆÖµÓë±£´æÔÚµ±Ç°Óû§»á»°ÖеÄÁîÅÆÖµ½øÐбȽϣ¬¿´ÊÇ·ñÆ¥Åä¡£ÔÚ´¦ÀíÍê¸ÃÇëÇóºó£¬ÇÒÔڴ𸴷¢Ë͸ø¿Í»§¶Ë֮ǰ£¬½«»á²úÉúÒ»¸öеÄÁîÅÆ£¬¸ÃÁîÅƳý´«¸ø¿Í»§¶ËÒÔÍ⣬Ҳ»á½«Óû§»á»°Öб£´æµÄ¾ÉµÄÁîÅƽøÐÐÌæ»»¡£ÕâÑùÈç¹ûÓû§»ØÍ˵½¸Õ²ÅµÄÌá½»Ò³Ãæ²¢ÔÙ´ÎÌá½»µÄ»°£¬¿Í»§¶Ë´«¹ýÀ´µÄÁîÅƾͺͷþÎñÆ÷¶ËµÄÁîÅƲ»Ò»Ö£¬´Ó¶øÓÐЧµØ·ÀÖ¹ÁËÖظ´Ìá½»µÄ·¢Éú¡£
if (isTokenValid(request, true)) {
// your code here
return mapping.findForward("success");
} else {
saveToken(request);
return mapping.findForward("submitagain");
}
Struts¸ù¾ÝÓû§»á»°IDºÍµ±Ç°ÏµÍ³Ê±¼äÀ´Éú³ÉÒ»¸öΨһ£¨¶ÔÓÚÿ¸ö»á»°£©ÁîÅƵģ¬¾ßÌåʵÏÖ¿ÉÒԲο¼TokenProcessorÀàÖеÄgenerateToken()·½·¨¡£
1. //ÑéÖ¤ÊÂÎñ¿ØÖÆÁîÅÆ,»á×Ô¶¯¸ù¾ÝsessionÖбêʶÉú³ÉÒ»¸öÒþº¬input´ú±íÁîÅÆ£¬·ÀÖ¹Á½´ÎÌá½»
2. ÔÚactionÖУº
//
// value="6aa35341f25184fd996c4c918255c3ae">
if (!isTokenValid(request))
errors.add(ActionErrors.GLOBAL_ERROR,
new ActionError("error.transaction.token"));
resetToken(request); //ɾ³ýsessionÖеÄÁîÅÆ
3. actionÓÐÕâÑùµÄÒ»¸ö·½·¨Éú³ÉÁîÅÆ
protected String generateToken(HttpServletRequest request) {
HttpSession session = request.getSession();
try {
byte id[] = session.getId().getBytes();
byte now[] =
new Long(System.currentTimeMillis()).toString().getBytes();
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(id);
md.update(now