eggboss posted on 2013-2-6 10:08:34

Token

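I'm getting older and have forgotten most of the things I rarely use; worse, I'm not even sure what I've forgotten! So I jot down all sorts of odds and ends here~~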
 
<%
/**
 * <p>Title: TokenSample.jsp</p>
 * <p>Description: Example of setting a token on a single page<br>
 * <p>Key point: when the page is refreshed, the token in the request is the old one! With submit it is the new one!
 * <p>Copyright: </p>
 * <p>Company: </p>
 *
 * @author Kirk Hsu
 * @version 1.0 Created.
 *
 */
%>
<%@page pageEncoding="UTF-8" contentType="text/html; charset=UTF-8" %>
<%@page import="java.text.SimpleDateFormat"%>
<%@page import="java.util.Date"%>
<%
try{
    String txSn = request.getParameter("TX_SN");
    String email = request.getParameter("EMAIL");
    String mailType = request.getParameter("MAIL_TYPE");
    System.out.println(txSn);
    System.out.println(email);
    System.out.println(mailType);

    String tokenA = (String)session.getAttribute("token");
    // On refresh, the old token is retrieved here
    String tokenB = request.getParameter("token");
    System.out.println("Token in session:" + tokenA);
    System.out.println("Token in request:" + tokenB);

    // realtime token
    String token = "";
    if(txSn != null && !"".equals(txSn) && email != null && !"".equals(email) &&
            mailType != null && !"".equals(mailType)){
        if(tokenA!=null && tokenA.equals(tokenB)){
            // do something...

            // Remove the old token
            System.out.println("Remove token:"+tokenA+" from session.");
            session.removeAttribute("token");
            // Set a new token
            token = new SimpleDateFormat("yyyyMMddHHmmssSSS").format(new Date());
            System.out.println("Save token:"+token+" to session.");
            session.setAttribute("token",token);
        }else{
            System.out.println("重覆送出!!");
            // Note! This must also be set here, otherwise the token in the hidden field is lost!
            // Then on submit the token in the request would be empty!!
            // So that the session and request tokens match on submit,
            // the token placed in the hidden field must be the same as the one in the session!
            token = tokenA;
        }
    }else{
        // Set a new token
        token = new SimpleDateFormat("yyyyMMddHHmmssSSS").format(new Date());
        System.out.println("Save token:"+token+" to session.");
        session.setAttribute("token",token);
    }
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title></title>
</head>
<body>
<form name="form1" action="TokenSample.jsp" method="post">
<fieldset>
<legend>EMAIL測試</legend>
TX_SN:<input type="text" name="TX_SN"><br>
EMAIL:<input type="text" name="EMAIL"><br>
<select name="MAIL_TYPE">
<option value=1>AAA</option>
<option value=2>BBB</option>
<option value=3>CCC</option>
</select>
<input type="hidden" name="token" value="<%=token%>"/>
<input type="submit" value="送出"/><br/>
</fieldset>
</form>
</body>
</html>
<%
}catch(Exception e){
    e.printStackTrace();
}
%>