package org.zln.struts.action; import org.apache.struts.action.Action; import org.apache.struts.action.ActionForm; import org.apache.struts.action.ActionForward; import org.apache.struts.action.ActionMapping; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * Created by sherry on 000020/5/20 20:37. */ public class RegUserUI extends Action { @Override public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { /*注意,请求页面一定要通过这个Action跳转过去*/ this.saveToken(request); return mapping.findForward("SUCCESS"); } }
<%@ taglib prefix="html" uri="http://struts.apache.org/tags-html" %> <%@ taglib prefix="bean" uri="http://struts.apache.org/tags-bean" %> <%@ page contentType="text/html;charset=UTF-8" language="java" pageEncoding="UTF-8" %> <html> <head> <title>注册用户</title> </head> <body> <hr/> <html:link action="/local?language=zh">中文</html:link><br/> <html:link action="/local?language=en">英文</html:link><br/> <hr/> <html:errors property="doubleSubmit" header="" footer="" prefix="" suffix=""/> <!-- 注意:只有使用html:form生成的表单,才会从session中获取Token --> <html:form action="/regUser" method="post"> <table> <caption>注册</caption> <tr> <td>用户名</td> <td><html:text property="regUser.username"/><html:errors property="username" header="" footer="" prefix="" suffix=""/> </td> </tr> <tr> <td>密码</td> <td> <%-- value="" 是为了不回显密码--%> <html:password property="regUser.password" value=""/> <html:errors property="password" header="" footer="" prefix="" suffix=""/> </td> </tr> <tr> <td>密码确认</td> <td> <html:password property="password2" value=""/><html:errors property="password2" header="" footer="" prefix="" suffix=""/> </td> </tr> <tr> <td>身高</td> <td> <html:text property="regUser.height"/> </td> </tr> <tr> <td colspan="2" align="right"> <html:submit titleKey="info.submit"><bean:message bundle="message" key="info.submit"/></html:submit> <html:checkbox property="autoLogin">两周内自动登录?</html:checkbox> <html:cancel>取消</html:cancel> </td> </tr> </table> </html:form> <hr/> </body> </html>
package org.zln.struts.action; import org.apache.struts.action.*; import org.zln.struts.form.RegUserForm; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * Created by sherry on 000020/5/20 20:37. */ public class RegUser extends Action { @Override public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { ActionMessages errors = new ActionMessages(); /*进行所有操作之前,先判断表单是否重复提交*/ if (!isTokenValid(request,true)){//假如Token无效 true表示校验完后将Token从session中清除 errors.add("doubleSubmit",new ActionMessage("表单重复提交",false)); this.saveErrors(request,errors); return mapping.getInputForward(); } RegUserForm regUserForm = (RegUserForm) form; System.out.println("username:"+regUserForm.getRegUser().getUsername()+" autoLogin:"+regUserForm.isAutoLogin()); request.setAttribute("username",regUserForm.getRegUser().getUsername()); /*业务逻辑校验*/ if (!"zln".equals(regUserForm.getRegUser().getUsername().trim())){//假设数据库中获取到的用户名是 zln errors.add("username",new ActionMessage("用户不存在",false)); this.saveErrors(request,errors);//request.setAttribute(Globals.ERROR_KEY, errors); //return mapping.findForward("FAILURE"); return mapping.getInputForward(); } return mapping.findForward("SUCCESS"); } } /* 因为在打开表单页面之前,会先往session中存放一个Token, 提交请求的时候,会将隐藏域中的Token作为参数一起提交 所谓有效的Token,就是session中的Token与表单提交时候的Token值相同,就被视为是一次请求。并且判断完后会将session中的Token清除 加入用户通过后退再次提交,此时session中的Token已经消失了,所以Token判断就会被视为无效 */