How to avoid duplicated submission by token?
My attention is to prevent duplicated submission. I have refered to the struts-example. It checks the valid of token by IsValidToken(). However when a form is displayed at the first time, it always is invalid. Moreover, according to the struts-example, it saveToken when it finds error. The behavior becomes very strange. When a form is displayed at the first time, it is invalid. It leads to error message displaying on web page. Next time user clicks the submit button, it becomes valid. Then it cannot avoid duplicated submission. All I want is very simple. When user clicks a submit button. It saves record if data checking is ok. If user goes back and re-click the submit button. Duplicated submission should be detected. Below is my codings. What needs to be changed so that duplicated submission can be avoided? package com.erp.quotation; import java.util.Locale; import org.apache.struts.action.*; import javax.servlet.http.*; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.struts.util.MessageResources; public final class AddUserProfileAction extends Action { private Log log = LogFactory.getFactory().getInstance(this.getClass().getName()); public ActionForward execute (ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { if (isCancelled(request)) { if (log.isInfoEnabled()) { log.info( + mapping.getAttribute() + - Registration transaction was cancelled); } removeFormBean(mapping, request); return mapping.findForward(cancel); } HttpSession session = request.getSession(); ActionErrors errors = new ActionErrors(); if (log.isTraceEnabled()) { log.trace( Checking transactional control token); } if (!isTokenValid(request)) { log.trace(valid token); errors.add(ActionErrors.GLOBAL_ERROR, new ActionError(error.transaction.token)); } else { log.trace(invalid token); } resetToken(request); Locale locale = getLocale(request); MessageResources messages = getResources(request); String action = request.getParameter(action); if (checking_is_ok) { save_record_to_database(); ActionMessages actionMessages = new ActionMessages(); ActionMessage actionMessage = new ActionMessage(statusLine.recordAdded); actionMessages.add(Constants.statusLine, actionMessage); saveMessages (request, actionMessages); saveToken(request); addUserProfileForm.reset(mapping, request); return mapping.findForward(success); } // Remove the obsolete form bean if (mapping.getAttribute() != null) { if (request.equals(mapping.getScope())) request.removeAttribute(mapping.getAttribute()); else session.removeAttribute(mapping.getAttribute()); } if (!errors.isEmpty()) { saveErrors(request, errors); saveToken(request); return (mapping.getInputForward()); } return mapping.findForward(failure); } } _ ... http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to avoid duplicated submission by token?
Thanks Rick. Let me find out what DispatchAction is and then come back. --- Rick Reumann [EMAIL PROTECTED] HI, Ping, you have so many different things going on in one action execute method that it is very difficult to follow everything. Also, you are doing a lot of things that do not need to be done (usually) from your action such as calling form.reset(), removing form bean, removing mappings, etc. You are doing way too many different things in one Action ... you either need to A) Use a DispatchAction or B) create different Action classes to perform the different tasks. Once you do that, the first action dispatch method you go to before hitting your form you do saveToken(request); Then in the action method that you want to make sure duplicate submits don't occur you do your check...: isTokenValid(request)) Then when I leave that method (if it was valid token) I do... resetToken(request); saveToken(request); So, if I were you, I'd simply create a DispatchAction with the methods... setUp(.. ) updateUserProfile(.. ) cancel(... ) Ping Cheung Leung wrote: My attention is to prevent duplicated submission. I have refered to the struts-example. It checks the valid of token by IsValidToken(). However when a form is displayed at the first time, it always is invalid. Moreover, according to the struts-example, it saveToken when it finds error. The behavior becomes very strange. When a form is displayed at the first time, it is invalid. It leads to error message displaying on web page. Next time user clicks the submit button, it becomes valid. Then it cannot avoid duplicated submission. All I want is very simple. When user clicks a submit button. It saves record if data checking is ok. If user goes back and re-click the submit button. Duplicated submission should be detected. Below is my codings. What needs to be changed so that duplicated submission can be avoided? package com.erp.quotation; import java.util.Locale; import org.apache.struts.action.*; import javax.servlet.http.*; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.struts.util.MessageResources; public final class AddUserProfileAction extends Action { private Log log = LogFactory.getFactory().getInstance(this.getClass().getName()); public ActionForward execute (ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { if (isCancelled(request)) { if (log.isInfoEnabled()) { log.info( + mapping.getAttribute() + - Registration transaction was cancelled); } removeFormBean(mapping, request); return mapping.findForward(cancel); } HttpSession session = request.getSession(); ActionErrors errors = new ActionErrors(); if (log.isTraceEnabled()) { log.trace( Checking transactional control token); } if (!isTokenValid(request)) { log.trace(valid token); errors.add(ActionErrors.GLOBAL_ERROR, new ActionError(error.transaction.token)); } else { log.trace(invalid token); } resetToken(request); Locale locale = getLocale(request); MessageResources messages = getResources(request); String action = request.getParameter(action); if (checking_is_ok) { save_record_to_database(); ActionMessages actionMessages = new ActionMessages(); ActionMessage actionMessage = new ActionMessage(statusLine.recordAdded); actionMessages.add(Constants.statusLine, actionMessage); saveMessages (request, actionMessages); saveToken(request); addUserProfileForm.reset(mapping, request); return mapping.findForward(success); } // Remove the obsolete form bean if (mapping.getAttribute() != null) { if (request.equals(mapping.getScope())) request.removeAttribute(mapping.getAttribute()); else session.removeAttribute(mapping.getAttribute()); } if (!errors.isEmpty()) { saveErrors(request, errors); saveToken(request); return (mapping.getInputForward()); } return mapping.findForward(failure); } } _ ... http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Rick
Re: How to avoid duplicated submission by token?
Rick Reumann wrote: HI, Ping, you have so many different things going on in one action execute method that it is very difficult to follow everything. Also, you are doing a lot of things that do not need to be done (usually) from your action such as calling form.reset(), removing form bean, removing mappings, etc. You are doing way too many different things in one Action ... you either need to A) Use a DispatchAction or B) create different Action classes to perform the different tasks. Once you do that, the first action dispatch method you go to before hitting your form you do saveToken(request); Then in the action method that you want to make sure duplicate submits don't occur you do your check...: isTokenValid(request)) Then when I leave that method (if it was valid token) I do... resetToken(request); saveToken(request); So, if I were you, I'd simply create a DispatchAction with the methods... setUp(.. ) updateUserProfile(.. ) cancel(... ) Ping Cheung Leung wrote: My attention is to prevent duplicated submission. I have refered to the struts-example. It checks the valid of token by IsValidToken(). However when a form is displayed at the first time, it always is invalid. Moreover, according to the struts-example, it saveToken when it finds error. The behavior becomes very strange. When a form is displayed at the first time, it is invalid. It leads to error message displaying on web page. Next time user clicks the submit button, it becomes valid. Then it cannot avoid duplicated submission. All I want is very simple. When user clicks a submit button. It saves record if data checking is ok. If user goes back and re-click the submit button. Duplicated submission should be detected. Below is my codings. What needs to be changed so that duplicated submission can be avoided? package com.erp.quotation; import java.util.Locale; import org.apache.struts.action.*; import javax.servlet.http.*; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.struts.util.MessageResources; public final class AddUserProfileAction extends Action { private Log log = LogFactory.getFactory().getInstance(this.getClass().getName()); public ActionForward execute (ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { if (isCancelled(request)) { if (log.isInfoEnabled()) { log.info( + mapping.getAttribute() + - Registration transaction was cancelled); } removeFormBean(mapping, request); return mapping.findForward(cancel); } HttpSession session = request.getSession(); ActionErrors errors = new ActionErrors(); if (log.isTraceEnabled()) { log.trace( Checking transactional control token); } if (!isTokenValid(request)) { log.trace(valid token); errors.add(ActionErrors.GLOBAL_ERROR, new ActionError(error.transaction.token)); } else { log.trace(invalid token); } resetToken(request); Locale locale = getLocale(request); MessageResources messages = getResources(request); String action = request.getParameter(action); if (checking_is_ok) { save_record_to_database(); ActionMessages actionMessages = new ActionMessages(); ActionMessage actionMessage = new ActionMessage(statusLine.recordAdded); actionMessages.add(Constants.statusLine, actionMessage); saveMessages (request, actionMessages); saveToken(request); addUserProfileForm.reset(mapping, request); return mapping.findForward(success); } // Remove the obsolete form bean if (mapping.getAttribute() != null) { if (request.equals(mapping.getScope())) request.removeAttribute(mapping.getAttribute()); else session.removeAttribute(mapping.getAttribute()); } if (!errors.isEmpty()) { saveErrors(request, errors); saveToken(request); return (mapping.getInputForward()); } return mapping.findForward(failure); } } Nice reply, Rick! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]