- /*
- * 防止表單註冊頁面的重複提交
- *
- * 在該頁面上產生一個令牌值
- * 該令牌值一個添加至服務器的session屬性中,另一個隨傳遞至瀏覽器頁面中,通過比對2個令牌值是否相等,來判斷是否處理相應請求。
- * 註冊成功後,刪除在服務器中的令牌值,由於已經找不到令牌值而防止了表單的重複提交!
- *
- * Register.java
- * http://blog.csdn.net/strawberry2013
- * 2013-6-13
- */
- package com.baidu;
- import java.io.IOException;
- import java.security.MessageDigest;
- import java.security.NoSuchAlgorithmException;
- import java.util.Random;
- import javax.servlet.ServletException;
- import javax.servlet.http.HttpServlet;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import sun.misc.BASE64Encoder;
- public class Register extends HttpServlet {
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- request.getSession().setAttribute("token", TokenProcessor.getInstance().generateToken());//添加一個令牌屬性
- request.getRequestDispatcher("/register.jsp").forward(request, response); //轉發至註冊頁面表單
- }
- }
- //令牌,用於參數一個隨機唯一的令牌值
- class TokenProcessor{
- private TokenProcessor(){}
- private static final TokenProcessor token = new TokenProcessor();
- public static TokenProcessor getInstance(){
- return token;
- }
- public String generateToken(){
- String token = System.currentTimeMillis()+new Random().nextInt()+""; //隨機的值
- try {
- MessageDigest md = MessageDigest.getInstance("md5"); //注意下面的處理方式
- byte[] md5 = md.digest(token.getBytes());
- return new BASE64Encoder().encode(md5); //base64編碼
- } catch (NoSuchAlgorithmException e) {
- throw new RuntimeException(e);
- }
- }
- }
- <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
- <%
- String path = request.getContextPath();
- String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
- %>
- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
- <html>
- <head>
- <base href="<%=basePath%>">
- <title>歡迎您註冊</title>
- <meta http-equiv="pragma" content="no-cache">
- <meta http-equiv="cache-control" content="no-cache">
- <meta http-equiv="expires" content="0">
- <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
- <meta http-equiv="description" content="This is my page">
- <style type="text/css">
- body{
- margin-left: 100px;
- margin-bottom: 100px;
- }
- #reg{
- margin: auto;
- margin-left: auto;
- }
- .one{
- background-color: #C9FADB;
- }
- .two{
- background-color: #FFFFCC;
- }
- </style>
- </head>
- <body>
- <div name="rge">
- <form action="/Day01/servlet/doRegister" method="post">
- <input type="hidden" name="token" value="${token}"> <!-- 傳遞一個令牌值 -->>
- <table border="1" bordercolor="#000099" width="523" cellpadding="10" cellspacing="0" height="343">
- <tr><td colspan="2" align="center">註冊頁面</td></tr>
- <tr>
- <td class="one">用戶名:</td>
- <td class="two"><input type="text" name="username"></td>
- </tr>
- <tr>
- <td class="one">密碼:</td>
- <td class="two"><input type="password" name="pass" /></td>
- </tr>
- <tr>
- <td class="one">確認密碼:</td>
- <td class="two"><input type="password" name="pass" /></td>
- </tr>
- <tr>
- <td class="one">性別:</td>
- <td class="two">
- <input type="radio" name="sex" value="nan" />男
- <input type="radio" name="sex" value="nv" />女
- </td>
- </tr>
- <tr>
- <td class="one">技術:</td>
- <td class="two">
- <input type="checkbox" name="tech" value="Java"/>Java
- <input type="checkbox" name="tech" value="Html"/>Html
- <input type="checkbox" name="tech" value="C++"/>C++
- </td>
- </tr>
- <tr>
- <td class="one">國家:</td>
- <td class="two">
- <select name="country">
- <option value="none">---國家---</option>
- <option value="zn">中國</option>
- <option value="usa">美國</option>
- </select>
- </td>
- </tr>
- <tr bgcolor="#CCFFFF">
- <th colspan="2">
- <input type="submit" value="提交數據" />
- <input type="reset" value="置空" />
- </th>
- </tr>
- </table>
- </form>
- </div>
- </body>
- </html>
- /*
- * doRegister.java
- */
- package com.baidu;
- import java.io.IOException;
- import java.io.PrintWriter;
- import javax.servlet.ServletException;
- import javax.servlet.http.HttpServlet;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- public class doRegister extends HttpServlet {
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String serverToken = (String) request.getSession().getAttribute("token");
- String clientToken = request.getParameter("token");
- if(serverToken!=null && serverToken.equals(clientToken)){ //比對令牌值是否相等
- System.out.println("註冊成功!");
- request.getSession().removeAttribute("token");
- return;
- }
- System.out.println("註冊失敗!");
- return;
- }
- }