When you are done processing the submitted form, invoke "resetToken".
Erik
PC Leung wrote:
After clicking submit button and then go back previous page, data is still there, click the submit button again. record will be
saved once more time. The IsValidToken cannot trap the duplicated
submission.
Initial page:
http://localhost:8080/erp/AddUserProfile.jsp
if clicking submit button, goes to http://localhost:8080/erp/addUserProfile.do?method=create
struts-config.xml like this.
<action path="/addUserProfileSetup"
type="com.erp.quotation.AddUserProfileAction"
name="addUserProfileForm"
scope="request" validate="false">
<forward name="success" path="/AddUserProfile.jsp" redirect="true"/>
</action> <action path="/addUserProfile"
type="com.erp.quotation.AddUserProfileDispatchAction"
name="addUserProfileForm"
scope="request" validate="true" parameter="method"
input="/AddUserProfile.jsp">
<forward name="success" path="/AddUserProfile.jsp"/>
<forward name="failure" path="/AddUserProfile.jsp"/>
<forward name="cancel" path="/UserMaint.jsp"/>
</action>
Initial page already shows with a token.
Why the following DispatchAction cannot trap duplicated submission?
public final class AddUserProfileDispatchAction extends DispatchAction {
public ActionForward create (ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response) throws Exception {
HttpSession session = request.getSession();
ActionErrors errors = new ActionErrors();
if (!isTokenValid(request, true)) {
errors.add(ActionErrors.GLOBAL_ERROR,
new ActionError("error.transaction.token"));
}
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
