How to avoid duplicated submission by token?
My attention is to prevent duplicated submission.
I have refered to the struts-example.
It checks the valid of token by IsValidToken().
However when a form is displayed at the first time,
it always is invalid.
Moreover, according to the struts-example, it
saveToken when it finds error.
The behavior becomes very strange.
When a form is displayed at the first time, it is
invalid. It leads to error message displaying on web
page. Next time user clicks the submit button, it
becomes valid. Then it cannot avoid duplicated
submission.
All I want is very simple. When user clicks a submit
button. It saves record if data checking is ok.
If user goes back and re-click the submit button.
Duplicated submission should be detected.
Below is my codings. What needs to be changed
so that duplicated submission can be avoided?
package com.erp.quotation;
import java.util.Locale;
import org.apache.struts.action.*;
import javax.servlet.http.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.util.MessageResources;
public final class AddUserProfileAction extends Action
{
private Log log =
LogFactory.getFactory().getInstance(this.getClass().getName());
public ActionForward execute (ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
if (isCancelled(request)) {
if (log.isInfoEnabled()) {
log.info( + mapping.getAttribute() +
- Registration transaction was cancelled);
}
removeFormBean(mapping, request);
return mapping.findForward(cancel);
}
HttpSession session = request.getSession();
ActionErrors errors = new ActionErrors();
if (log.isTraceEnabled()) {
log.trace( Checking transactional control
token);
}
if (!isTokenValid(request)) {
log.trace(valid token);
errors.add(ActionErrors.GLOBAL_ERROR,
new
ActionError(error.transaction.token));
} else {
log.trace(invalid token);
}
resetToken(request);
Locale locale = getLocale(request);
MessageResources messages =
getResources(request);
String action = request.getParameter(action);
if (checking_is_ok) {
save_record_to_database();
ActionMessages actionMessages = new
ActionMessages();
ActionMessage actionMessage = new
ActionMessage(statusLine.recordAdded);
actionMessages.add(Constants.statusLine,
actionMessage);
saveMessages (request, actionMessages);
saveToken(request);
addUserProfileForm.reset(mapping, request);
return mapping.findForward(success);
}
// Remove the obsolete form bean
if (mapping.getAttribute() != null) {
if (request.equals(mapping.getScope()))
request.removeAttribute(mapping.getAttribute());
else
session.removeAttribute(mapping.getAttribute());
}
if (!errors.isEmpty()) {
saveErrors(request, errors);
saveToken(request);
return (mapping.getInputForward());
}
return mapping.findForward(failure);
}
}
_
...
http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to avoid duplicated submission by token?
Thanks Rick.
Let me find out what DispatchAction is and then come
back.
--- Rick Reumann [EMAIL PROTECTED]
HI, Ping, you have so many different things going on
in one action
execute method that it is very difficult to follow
everything. Also, you
are doing a lot of things that do not need to be
done (usually) from
your action such as calling form.reset(), removing
form bean, removing
mappings, etc. You are doing way too many different
things in one Action
... you either need to A) Use a DispatchAction or
B) create different
Action classes to perform the different tasks.
Once you do that, the first action dispatch method
you go to before
hitting your form you do
saveToken(request);
Then in the action method that you want to make sure
duplicate submits
don't occur you do your check...:
isTokenValid(request))
Then when I leave that method (if it was valid
token) I do...
resetToken(request);
saveToken(request);
So, if I were you, I'd simply create a
DispatchAction with the methods...
setUp(.. )
updateUserProfile(.. )
cancel(... )
Ping Cheung Leung wrote:
My attention is to prevent duplicated submission.
I have refered to the struts-example.
It checks the valid of token by IsValidToken().
However when a form is displayed at the first
time,
it always is invalid.
Moreover, according to the struts-example, it
saveToken when it finds error.
The behavior becomes very strange.
When a form is displayed at the first time, it is
invalid. It leads to error message displaying on
web
page. Next time user clicks the submit button, it
becomes valid. Then it cannot avoid duplicated
submission.
All I want is very simple. When user clicks a
submit
button. It saves record if data checking is ok.
If user goes back and re-click the submit button.
Duplicated submission should be detected.
Below is my codings. What needs to be changed
so that duplicated submission can be avoided?
package com.erp.quotation;
import java.util.Locale;
import org.apache.struts.action.*;
import javax.servlet.http.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.util.MessageResources;
public final class AddUserProfileAction extends
Action
{
private Log log =
LogFactory.getFactory().getInstance(this.getClass().getName());
public ActionForward execute (ActionMapping
mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
if (isCancelled(request)) {
if (log.isInfoEnabled()) {
log.info( + mapping.getAttribute()
+
- Registration transaction was cancelled);
}
removeFormBean(mapping, request);
return mapping.findForward(cancel);
}
HttpSession session = request.getSession();
ActionErrors errors = new ActionErrors();
if (log.isTraceEnabled()) {
log.trace( Checking transactional
control
token);
}
if (!isTokenValid(request)) {
log.trace(valid token);
errors.add(ActionErrors.GLOBAL_ERROR,
new
ActionError(error.transaction.token));
} else {
log.trace(invalid token);
}
resetToken(request);
Locale locale = getLocale(request);
MessageResources messages =
getResources(request);
String action =
request.getParameter(action);
if (checking_is_ok) {
save_record_to_database();
ActionMessages actionMessages = new
ActionMessages();
ActionMessage actionMessage = new
ActionMessage(statusLine.recordAdded);
actionMessages.add(Constants.statusLine,
actionMessage);
saveMessages (request, actionMessages);
saveToken(request);
addUserProfileForm.reset(mapping,
request);
return mapping.findForward(success);
}
// Remove the obsolete form bean
if (mapping.getAttribute() != null) {
if (request.equals(mapping.getScope()))
request.removeAttribute(mapping.getAttribute());
else
session.removeAttribute(mapping.getAttribute());
}
if (!errors.isEmpty()) {
saveErrors(request, errors);
saveToken(request);
return (mapping.getInputForward());
}
return mapping.findForward(failure);
}
}
_
...
http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
--
Rick
Re: How to avoid duplicated submission by token?
Rick Reumann wrote:
HI, Ping, you have so many different things going on in one action
execute method that it is very difficult to follow everything. Also, you
are doing a lot of things that do not need to be done (usually) from
your action such as calling form.reset(), removing form bean, removing
mappings, etc. You are doing way too many different things in one Action
... you either need to A) Use a DispatchAction or B) create different
Action classes to perform the different tasks.
Once you do that, the first action dispatch method you go to before
hitting your form you do
saveToken(request);
Then in the action method that you want to make sure duplicate submits
don't occur you do your check...:
isTokenValid(request))
Then when I leave that method (if it was valid token) I do...
resetToken(request);
saveToken(request);
So, if I were you, I'd simply create a DispatchAction with the methods...
setUp(.. )
updateUserProfile(.. )
cancel(... )
Ping Cheung Leung wrote:
My attention is to prevent duplicated submission.
I have refered to the struts-example.
It checks the valid of token by IsValidToken().
However when a form is displayed at the first time,
it always is invalid.
Moreover, according to the struts-example, it
saveToken when it finds error.
The behavior becomes very strange.
When a form is displayed at the first time, it is
invalid. It leads to error message displaying on web
page. Next time user clicks the submit button, it
becomes valid. Then it cannot avoid duplicated
submission.
All I want is very simple. When user clicks a submit
button. It saves record if data checking is ok.
If user goes back and re-click the submit button.
Duplicated submission should be detected.
Below is my codings. What needs to be changed
so that duplicated submission can be avoided?
package com.erp.quotation;
import java.util.Locale;
import org.apache.struts.action.*;
import javax.servlet.http.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.util.MessageResources;
public final class AddUserProfileAction extends Action
{
private Log log =
LogFactory.getFactory().getInstance(this.getClass().getName());
public ActionForward execute (ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
if (isCancelled(request)) {
if (log.isInfoEnabled()) {
log.info( + mapping.getAttribute() +
- Registration transaction was cancelled);
}
removeFormBean(mapping, request);
return mapping.findForward(cancel);
}
HttpSession session = request.getSession();
ActionErrors errors = new ActionErrors();
if (log.isTraceEnabled()) {
log.trace( Checking transactional control
token);
}
if (!isTokenValid(request)) {
log.trace(valid token);
errors.add(ActionErrors.GLOBAL_ERROR,
new
ActionError(error.transaction.token));
} else {
log.trace(invalid token);
}
resetToken(request);
Locale locale = getLocale(request);
MessageResources messages =
getResources(request);
String action = request.getParameter(action);
if (checking_is_ok) {
save_record_to_database();
ActionMessages actionMessages = new
ActionMessages();
ActionMessage actionMessage = new
ActionMessage(statusLine.recordAdded);
actionMessages.add(Constants.statusLine,
actionMessage);
saveMessages (request, actionMessages);
saveToken(request);
addUserProfileForm.reset(mapping, request);
return mapping.findForward(success);
}
// Remove the obsolete form bean
if (mapping.getAttribute() != null) {
if (request.equals(mapping.getScope()))
request.removeAttribute(mapping.getAttribute());
else
session.removeAttribute(mapping.getAttribute());
}
if (!errors.isEmpty()) {
saveErrors(request, errors);
saveToken(request);
return (mapping.getInputForward());
}
return mapping.findForward(failure);
}
}
Nice reply, Rick!
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
