一、什么是表單重復(fù)提交？
當(dāng)網(wǎng)絡(luò)有延遲時(shí)，用戶提交的表單等數(shù)據(jù)還沒(méi)有完成此次提交，但用戶又多次點(diǎn)擊提交，造成用戶數(shù)據(jù)在數(shù)據(jù)庫(kù)或存儲(chǔ)中被提交多次。
利用線程延遲，簡(jiǎn)單模擬重復(fù)提交。
表單頁(yè)面為form.html
[html] view plain copy



form.html

<meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="this is my page"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <!--<link rel="stylesheet" type="text/css" href="./styles.css">-->

用戶名 ：

處理提交請(qǐng)求的servlet為DoFormServlet.java
[java] view plain copy
package SessionDemo;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class DoFormServlet extends HttpServlet
{

public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String username = request.getParameter("username"); //利用線程休眠，模擬網(wǎng)絡(luò)延遲 try { Thread.sleep(1000*3); } catch (InterruptedException e) { e.printStackTrace(); } System.out.println("向數(shù)據(jù)庫(kù)中注冊(cè)數(shù)據(jù)。"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); }

}
在瀏覽器中加載form.html

當(dāng)用戶反復(fù)點(diǎn)擊“提交”時(shí)，就造成了重復(fù)提交。

二、解決方法一：利用javascript阻止
其他不變，將form.html修改為
[html] view plain copy



form.html

<meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="this is my page"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <!--<link rel="stylesheet" type="text/css" href="./styles.css">-->

var isCommitted = false;
function dosubmit()
{
if(!isCommitted)
{
isCommitted=true;
return true;
}
else
{
return false;
}
}




用戶名 ：




這樣在瀏覽器中加載form.html后，點(diǎn)擊“提交”，終端中只會(huì)輸出一次”向數(shù)據(jù)庫(kù)中注冊(cè)數(shù)據(jù)。”，表明成功阻止表單反復(fù)提交。
以上form.html可以進(jìn)一步優(yōu)化，當(dāng)用戶點(diǎn)擊“提交”后，“提交”按鈕應(yīng)該變?yōu)榛疑豢捎谩?
[html] view plain copy



form.html

<meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="this is my page"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <!--<link rel="stylesheet" type="text/css" href="./styles.css">-->

function dosubmit()
{
var input = document.getElementById("submit");
input.disabled = 'disabled';
return true;
}




用戶名 ：




利用javascript的方法不能完全防止用戶惡意重復(fù)提交，例如：用戶可以將form.html保存后修改，還可以在點(diǎn)擊“提交”后重復(fù)刷新頁(yè)面，從而實(shí)現(xiàn)反復(fù)提交。
三、解決方法二：利用服務(wù)器端Session防止表單重復(fù)提交。
其中FormServlet.java為
[java] view plain copy
package SessionDemo;

import java.io.IOException;
import java.io.PrintWriter;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Random;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import sun.misc.BASE64Encoder;

public class FormServlet extends HttpServlet
{

public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //產(chǎn)生隨機(jī)數(shù)表單號(hào) TokenProcessor tp = TokenProcessor.getInstance(); String token = tp.generateToken(); request.getSession().setAttribute("token",token); request.getRequestDispatcher("/form.jsp").forward(request, response); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); }

}

//設(shè)計(jì)為單例模式
class TokenProcessor
{
private TokenProcessor(){};
private static final TokenProcessor instance = new TokenProcessor();

public static TokenProcessor getInstance() { return instance; } public String generateToken() { //獲得隨機(jī)數(shù)字符串 String token = System.currentTimeMillis() + new Random().nextInt() + ""; //獲得數(shù)據(jù)摘要 try { MessageDigest md = MessageDigest.getInstance("md5"); byte[] md5 = md.digest(token.getBytes()); //利用base64編碼防止亂碼。 BASE64Encoder encoder = new BASE64Encoder(); return encoder.encode(md5); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } }

}
添加form.jsp
[plain] view plain copy
<%@ page language=”java” import=”java.util.*” pageEncoding=”UTF-8”%>

用戶名




將DoFormServlet.java修改為
[java] view plain copy
package SessionDemo;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class DoFormServlet extends HttpServlet
{

public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String username = request.getParameter("username"); boolean b = isTokenValue(request); if (!b) { System.out.println("請(qǐng)不要重復(fù)提交。"); return; } request.getSession().removeAttribute("token"); System.out.println("向數(shù)據(jù)庫(kù)中注冊(cè)數(shù)據(jù)。"); } //判斷表單號(hào)是否有效 private boolean isTokenValue(HttpServletRequest request) { String clientToken = request.getParameter("token"); if(clientToken==null) { return false; } String serverToken = (String) request.getSession().getAttribute("token"); if(serverToken==null) { return false; } if (!clientToken.equals(serverToken)) { return false; } return true; } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); }

}
再瀏覽器中加載FormServlet

點(diǎn)擊“提交”后跳轉(zhuǎn)

終端顯示用戶提交

這時(shí)即使用戶點(diǎn)擊“刷新”，也不能實(shí)現(xiàn)重復(fù)提交。

總結(jié)

以上是生活随笔為你收集整理的客户端服务端防止用户重复提交表单的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。