You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@struts.apache.org by Raphaël di Cicco <ra...@atosorigin.com> on 2003/12/01 11:30:29 UTC

my version of the Tokens

Hi,

before knowing about tokens, I have implemented a way to deal with the "refresh of a POST form" problem. Now that I know that tokens exist, I can't really use them for several reasons, but mainly because it adds a field in the <form> which modifies my current form validation with javascript.
Here is what I have done in my ActionBase class, that every Action I use derives from :


protected void setDBFlag(Object o, HttpServletRequest request) {

synchronized(session.getId()){

request.getSession(false).setAttribute(

Parametres.DB_FLAG + o,

Parametres.CHECKBOX_TRUE);

}

}



protected void clearDBFlag(Object o, HttpServletRequest request) {

synchronized(session.getId()){

request.getSession(false).removeAttribute(

Parametres.DB_FLAG + o);

}

}



protected boolean checkDBFlag(Object o, HttpServletRequest request) {

synchronized(session.getId()){

return (

request.getSession(false).getAttribute(

Parametres.DB_FLAG + o)

!= null);

}

}


These methods should be called from the class below this way :

public class MyAction extends ActionBase{
....
...
protected ActionForward executeUpdate(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)

throws Exception {

if ("GET".equalsIgnoreCase(request.getMethod())) {

setDBFlag(this, request);

this.processBeforeUpdate(mapping, form, request, response);

return mapping.findForward(EDIT);

} 

else {

HttpSession session = request.getSession(false);

ListResultCsv resultats =

(ListResultCsv) (session.getAttribute(attTable));

if(checkDBFlag(this, request)){

//update DB

processUpdate(...,form);

updateBeanConteneur();

clearDBFlag(this,request);

}}

}

.....



}//end of class

As you can see I'm putting a flag on the session. This flag name is actually function of the name of the Action instance itself (this). 

The idea is to put the flag to true while preparing the form, then when the form is submitted, I check if the flag is true then I do the updates and set the flag to false. So when a user presses refresh, the form is not submitted 2 times.
The problem with this solution is that I must use the same Action to prepare and submit the Form, but it's the case most of the times.
I was wondering if the solution I chose looks OK in a multi-user application. I know that each user has its own Action instance, so it should not be a problem, but at the same time, looking at Struts' implementation of the tokens which is more complicated, I think there might be some issues with my approach.

Thanks in advance for the feedback!

________________________________
Raphaël di Cicco

Re: my version of the Tokens

Posted by Raphaël di Cicco <ra...@atosorigin.com>.

Thanks Adam for your comment.
Yes you're right... but in my application every new window I open is indexed
with a windowId.
In fact, every session attribute name is built using this windowId, so that
session objects don't mix between pages. The flag itself uses the windowId
this way, but I didn't put it in the code (something like
request.getSession(false).setAttribute(Parametres.DB_FLAG + o +
getWindowId(request), Parametres.CHECKBOX_TRUE);

Nonetheless, the problem you found will happen if the user decides to open a
new window by himself because the new window will have the same windowId as
the previous one :(


----- Original Message ----- 
From: "Adam Hardy" <ah...@cyberspaceroad.com>
To: "Struts Users Mailing List" <st...@jakarta.apache.org>
Sent: Monday, December 01, 2003 12:44 PM
Subject: Re: my version of the Tokens


> Hi Raphaël
> what happens if the user has two browser windows open for two different
> datasets which use the same action? He will be prevented from submitting
> the second one.
>
> Adam
>
> On 12/01/2003 11:30 AM Raphaël di Cicco wrote:
> > Hi,
> >
> > before knowing about tokens, I have implemented a way to deal with the
"refresh of a POST form" problem. Now that I know that tokens exist, I can't
really use them for several reasons, but mainly because it adds a field in
the <form> which modifies my current form validation with javascript.
> > Here is what I have done in my ActionBase class, that every Action I use
derives from :
> >
> >
> > protected void setDBFlag(Object o, HttpServletRequest request) {
> >
> > synchronized(session.getId()){
> >
> > request.getSession(false).setAttribute(
> >
> > Parametres.DB_FLAG + o,
> >
> > Parametres.CHECKBOX_TRUE);
> >
> > }
> >
> > }
> >
> >
> >
> > protected void clearDBFlag(Object o, HttpServletRequest request) {
> >
> > synchronized(session.getId()){
> >
> > request.getSession(false).removeAttribute(
> >
> > Parametres.DB_FLAG + o);
> >
> > }
> >
> > }
> >
> >
> >
> > protected boolean checkDBFlag(Object o, HttpServletRequest request) {
> >
> > synchronized(session.getId()){
> >
> > return (
> >
> > request.getSession(false).getAttribute(
> >
> > Parametres.DB_FLAG + o)
> >
> > != null);
> >
> > }
> >
> > }
> >
> >
> > These methods should be called from the class below this way :
> >
> > public class MyAction extends ActionBase{
> > ....
> > ...
> > protected ActionForward executeUpdate(ActionMapping mapping, ActionForm
form, HttpServletRequest request, HttpServletResponse response)
> >
> > throws Exception {
> >
> > if ("GET".equalsIgnoreCase(request.getMethod())) {
> >
> > setDBFlag(this, request);
> >
> > this.processBeforeUpdate(mapping, form, request, response);
> >
> > return mapping.findForward(EDIT);
> >
> > }
> >
> > else {
> >
> > HttpSession session = request.getSession(false);
> >
> > ListResultCsv resultats =
> >
> > (ListResultCsv) (session.getAttribute(attTable));
> >
> > if(checkDBFlag(this, request)){
> >
> > //update DB
> >
> > processUpdate(...,form);
> >
> > updateBeanConteneur();
> >
> > clearDBFlag(this,request);
> >
> > }}
> >
> > }
> >
> > .....
> >
> >
> >
> > }//end of class
> >
> > As you can see I'm putting a flag on the session. This flag name is
actually function of the name of the Action instance itself (this).
> >
> > The idea is to put the flag to true while preparing the form, then when
the form is submitted, I check if the flag is true then I do the updates and
set the flag to false. So when a user presses refresh, the form is not
submitted 2 times.
> > The problem with this solution is that I must use the same Action to
prepare and submit the Form, but it's the case most of the times.
> > I was wondering if the solution I chose looks OK in a multi-user
application. I know that each user has its own Action instance, so it should
not be a problem, but at the same time, looking at Struts' implementation of
the tokens which is more complicated, I think there might be some issues
with my approach.
> >
> > Thanks in advance for the feedback!
> >
> > ________________________________
> > Raphaël di Cicco
> >
>
>
> -- 
> struts 1.1 + tomcat 5.0.14 + java 1.4.2
> Linux 2.4.20 RH9
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org

Re: my version of the Tokens

Posted by Adam Hardy <ah...@cyberspaceroad.com>.

Hi Raphaël
what happens if the user has two browser windows open for two different 
datasets which use the same action? He will be prevented from submitting 
the second one.

Adam

On 12/01/2003 11:30 AM Raphaël di Cicco wrote:
> Hi,
> 
> before knowing about tokens, I have implemented a way to deal with the "refresh of a POST form" problem. Now that I know that tokens exist, I can't really use them for several reasons, but mainly because it adds a field in the <form> which modifies my current form validation with javascript.
> Here is what I have done in my ActionBase class, that every Action I use derives from :
> 
> 
> protected void setDBFlag(Object o, HttpServletRequest request) {
> 
> synchronized(session.getId()){
> 
> request.getSession(false).setAttribute(
> 
> Parametres.DB_FLAG + o,
> 
> Parametres.CHECKBOX_TRUE);
> 
> }
> 
> }
> 
> 
> 
> protected void clearDBFlag(Object o, HttpServletRequest request) {
> 
> synchronized(session.getId()){
> 
> request.getSession(false).removeAttribute(
> 
> Parametres.DB_FLAG + o);
> 
> }
> 
> }
> 
> 
> 
> protected boolean checkDBFlag(Object o, HttpServletRequest request) {
> 
> synchronized(session.getId()){
> 
> return (
> 
> request.getSession(false).getAttribute(
> 
> Parametres.DB_FLAG + o)
> 
> != null);
> 
> }
> 
> }
> 
> 
> These methods should be called from the class below this way :
> 
> public class MyAction extends ActionBase{
> ....
> ...
> protected ActionForward executeUpdate(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
> 
> throws Exception {
> 
> if ("GET".equalsIgnoreCase(request.getMethod())) {
> 
> setDBFlag(this, request);
> 
> this.processBeforeUpdate(mapping, form, request, response);
> 
> return mapping.findForward(EDIT);
> 
> } 
> 
> else {
> 
> HttpSession session = request.getSession(false);
> 
> ListResultCsv resultats =
> 
> (ListResultCsv) (session.getAttribute(attTable));
> 
> if(checkDBFlag(this, request)){
> 
> //update DB
> 
> processUpdate(...,form);
> 
> updateBeanConteneur();
> 
> clearDBFlag(this,request);
> 
> }}
> 
> }
> 
> .....
> 
> 
> 
> }//end of class
> 
> As you can see I'm putting a flag on the session. This flag name is actually function of the name of the Action instance itself (this). 
> 
> The idea is to put the flag to true while preparing the form, then when the form is submitted, I check if the flag is true then I do the updates and set the flag to false. So when a user presses refresh, the form is not submitted 2 times.
> The problem with this solution is that I must use the same Action to prepare and submit the Form, but it's the case most of the times.
> I was wondering if the solution I chose looks OK in a multi-user application. I know that each user has its own Action instance, so it should not be a problem, but at the same time, looking at Struts' implementation of the tokens which is more complicated, I think there might be some issues with my approach.
> 
> Thanks in advance for the feedback!
> 
> ________________________________
> Raphaël di Cicco
> 


-- 
struts 1.1 + tomcat 5.0.14 + java 1.4.2
Linux 2.4.20 RH9

---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org