java(16)--利用session防止重复登录操作
来源:互联网 发布:软考程序员考什么 编辑:程序博客网 时间:2024/05/16 10:25
html登录页面
可以采用javascript进行防止重复操作,但是如果用户浏览器禁止js使用,就必须想办法从后台进行防止操作
<!DOCTYPE html><html> <head> <title>form.html</title> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="this is my page"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <!--<link rel="stylesheet" type="text/css" href="./styles.css">--> <script type="text/javascript"> var iscommitted=false; function dosubmit(){ if(!iscommitted){ iscommitted = true; return true; }else{ return false; } } </script> </head> <body> <form action="/aDay07/servlet/FormServlet" method="post" onsubmit="return dosubmit()"> 用户名:<input type="text" name="username"> <input type="submit" value="提交"> </form> </body></html>
后台FormServlet
import java.io.IOException;import java.io.PrintWriter;import java.security.MessageDigest;import java.security.NoSuchAlgorithmException;import java.util.Random;import java.util.UUID;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import sun.misc.BASE64Encoder;//产生form的servletpublic class FormServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); String token = TokenProcessor.getInstance().generateToken(); request.getSession().setAttribute("token", token); request.getRequestDispatcher("/form.jsp").forward(request, response); /* out.print("<form action='/aDay07/servlet/DoFormServlet' method='post'>"); out.print("<input type='hidden' name='token' value='"+token+"'>"); out.print("<input type='text' name='username'>"); out.print("<input type='submit' value='提交'>"); out.print("</form>");*/ } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); }}//随机数生成器class TokenProcessor{ private TokenProcessor(){}; public static TokenProcessor instance = new TokenProcessor(); public static TokenProcessor getInstance(){ return instance; } public String generateToken(){ //return UUID.randomUUID().toString();//简单方法:利用uuid产生唯一随机数 // 3847834873 822382382382738238 828323 String token = System.currentTimeMillis() + new Random().nextInt(1000000) + ""; try { MessageDigest md = MessageDigest.getInstance("md5"); byte md5[] = md.digest(token.getBytes()); //[99239,23939,] //base64 BASE64Encoder encoder = new BASE64Encoder(); return encoder.encode(md5); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } }}
form.jsp页面
将token传输到客户端,以便之后用来校验
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html> <head> <title>My JSP 'form.jsp' starting page</title> </head> <body> <form action="/aDay07/servlet/DoFormServlet" method="post"> <input type="hidden" name="token" value="<%=session.getAttribute("token") %>"> 用户名:<input type="text" name="username"> <input type="submit" value="提交"> </form> </body></html>
DoFormServlet页面
import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;public class DoFormServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { boolean b = isTokenValid(request); if (!b) { System.out.println("你是重复提交!!"); return; } request.getSession().removeAttribute("token"); System.out.println("处理提交!!!"); } // 判断表单是否为重复提交 private boolean isTokenValid(HttpServletRequest request) { String c_token = request.getParameter("token"); if (c_token == null) { return false; } String s_token = (String) request.getSession().getAttribute("token"); if (s_token == null) { return false; } if (!c_token.equals(s_token)) { return false; } return true; } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); }}
0 0
- java(16)--利用session防止重复登录操作
- PHP session 防止重复登录
- 利用session防止重复提交
- 防止重复登录和session过期
- session监听防止用户登录重复
- 防止重复登录和session过期
- session监听防止用户登录重复
- 利用Session防止表单重复提交
- 利用Session防止表单重复提交
- 利用Session防止表单重复提交
- 利用Session防止表单重复提交
- 利用Session防止表单重复提交
- 利用Session防止表单重复提交
- 作业--->利用session防止表单重复提交
- 利用session防止表单重复提交
- 利用session防止表单重复提交
- 利用session防止表单重复提交
- 利用Session防止表单重复提交
- android自定义view实现可自由放大缩小和移动的imageView
- Java ThreadPoolExecutor线程池原理及源码分析
- KMP算法 java版本
- <备战蓝桥杯之嵌入式>——SYSTICK
- STL sort源码剖析(转)
- java(16)--利用session防止重复登录操作
- 算法学习之字符串包含
- 数据结构: 数组与字符串问题
- iOS 对象等同性
- greenplum list
- <备战蓝桥杯之嵌入式>——BUTTON按键实验
- 九度题目1070
- Beautiful Soup的用法
- Apache shiro 笔记整理之身份认证