1,FormServlet.java 设计一个表单提交数据,防止用户重复提交数据到服务器,实现阻止代码如下:
import java.io.IOException; import java.io.PrintWriter; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Random; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import sun.misc.BASE64Encoder; //负责产生表单 public class FormServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); String token = TokenProccessor.getInstance().makeToken(); request.getSession().setAttribute("token", token); //在服务器端保存随机数 out.println("<form action='/day07/servlet/DoFormServlet' method='post'>"); out.write("<input type='hidden' name='token' value='"+token+"'>"); out.println("用户名:<input type='text' name='username'>"); out.println("<input type='submit' value='提交'>"); out.println("</form>"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } } class TokenProccessor{//使用令牌生成随机数 使用到MD5技术 和 BASE 64技术 /* *单态设计模式(保证类的对象在内存中只有一个) *1、把类的构造函数私有 *2、自己创建一个类的对象 *3、对外提供一个公共的方法,返回类的对象 * */ private TokenProccessor(){} private static final TokenProccessor instance = new TokenProccessor(); public static TokenProccessor getInstance(){ return instance; } public String makeToken(){ //checkException // 7346734837483 834u938493493849384 43434384 String token = (System.currentTimeMillis() + new Random().nextInt(999999999)) + ""; //数据指纹 128位长 16个字节 md5 try { MessageDigest md = MessageDigest.getInstance("md5"); byte md5[] = md.digest(token.getBytes()); //base64编码--任意二进制编码明文字符 adfsdfsdfsf BASE64Encoder encoder = new BASE64Encoder(); return encoder.encode(md5); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } } }
2,DoFormServlet.java 分别在客户端和服务器端阻止重复提交数据功能实现,代码如下:
import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class DoFormServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { boolean b = isToken(request); //判断用户是否是重复提交 if(b==true){ System.out.println("请不要重复提交"); return; } request.getSession().removeAttribute("token"); System.out.println("处理用户提交请求!!"); } private boolean isToken(HttpServletRequest request) { String client_token = request.getParameter("token"); if(client_token==null){//判断客户端令牌是否为空 return true; } String server_token = (String) request.getSession().getAttribute("token"); if(server_token==null){//判断服务器端令牌是否为空 return true; } if(!client_token.equals(server_token)){//判断客服端令牌与服务器端令牌是否一致 return true; } return false; } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }