02-采用时间戳技术防止重复提交

index.jsp

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><%String path = request.getContextPath();String basePath = request.getScheme() + "://"+ request.getServerName() + ":" + request.getServerPort()+ path + "/";%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><base href="<%=basePath%>"><title>My JSP 'index.jsp' starting page</title><meta http-equiv="pragma" content="no-cache"><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="expires" content="0"><meta http-equiv="keywords" content="keyword1,keyword2,keyword3"><meta http-equiv="description" content="This is my page"><!--<link rel="stylesheet" type="text/css" href="styles.css">--></head><body><%long token = System.currentTimeMillis(); //产生时间戳的tokensession.setAttribute("token", token);%><form action="Test" method="post"><input type="text" name="username" /> <input type="text"name="password" /> <input type="hidden" value="<%=token%>"name="token" /><!-- 作为hidden提交 --><input type="submit" value="提交" /></form></body></html>

Test.java（是一个Servlet）

import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;public class Test extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {this.doPost(request, response);}protected void doPost(HttpServletRequest req, HttpServletResponse resp)throws ServletException, IOException {req.setCharacterEncoding("utf-8");resp.setCharacterEncoding("utf-8");resp.setContentType("text/html,charset=utf-8");String username = req.getParameter("username");String password = req.getParameter("password");long token = Long.parseLong(req.getParameter("token"));long tokenInSession = Long.parseLong(req.getSession().getAttribute("token")+ "");if (token == tokenInSession) {resp.getWriter().println("ok ");// 如果是第一次请求，则产生新的token,以防止下次的重复的提交req.getSession().setAttribute("token", System.currentTimeMillis());} else {resp.getWriter().println("do not repeat submit");}}}