You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@click.apache.org by sa...@apache.org on 2009/07/25 00:09:06 UTC
svn commit: r797669 - in /incubator/click/trunk/click:
documentation/docs/faq.html framework/src/org/apache/click/control/Form.java
Author: sabob
Date: Fri Jul 24 22:09:05 2009
New Revision: 797669
URL: http://svn.apache.org/viewvc?rev=797669&view=rev
Log:
added docs about resubmitting form by click submit button twice in quick succession
Modified:
incubator/click/trunk/click/documentation/docs/faq.html
incubator/click/trunk/click/framework/src/org/apache/click/control/Form.java
Modified: incubator/click/trunk/click/documentation/docs/faq.html
URL: http://svn.apache.org/viewvc/incubator/click/trunk/click/documentation/docs/faq.html?rev=797669&r1=797668&r2=797669&view=diff
==============================================================================
--- incubator/click/trunk/click/documentation/docs/faq.html (original)
+++ incubator/click/trunk/click/documentation/docs/faq.html Fri Jul 24 22:09:05 2009
@@ -430,24 +430,48 @@
<dt><b>12. How can you prevent multiple form posts?</b></dt>
<dd>
You can prevent multiple form posts by using the Post Redirect pattern. With
- this pattern once the user has posted a form you redirect to another page.
- If the user then presses the refresh button, they will making a GET request on the
- current page.
+ this pattern once the user has posted a form you redirect to another page.
+ If the user then presses the refresh button, they will be making a GET request
+ on the current page.
+ <pre class="prettyprint">
+public class Purchase extends Page {
+ ..
+
+ public boolean onPurchase() {
+ if (form.isValid()) {
+ Order order = new Order();
+ form.copyTo(order);
+ getOrderService().save(order);
+
+ // Perform a redirect after post to protect against users pressing
+ // the refresh or back button
+ setRedirect(Purchase.class);
+ return false;
+ }
+ return true;
+ }
+} </pre>
<p/>
Please see the <a target="blank" href="http://www.theserverside.com/articles/content/RedirectAfterPost/article.html">Redirect After Post</a>
article for more information on this topic.
<p/>
- To prevent users resubmitting a form with the browser back button use the
- Form
+ Another common way duplicate posts occur is if the user accidentally
+ click the Form's submit button twice, in quick succession. Redirecting to another
+ won't protect against the second accidental submit.
+ <p/>
+ Click provides a clean way to prevent users from resubmitting the same Form
+ through the Form's
<a href="click-api/org/apache/click/control/Form.html#onSubmitCheck(org.apache.click.Page, java.lang.String)">onSubmitCheck()</a>
method:
-<pre class="codeJava">
-<span class="kw">public class</span> Purchase <span class="kw">extends</span> Page {
+<pre class="prettyprint">
+public class Purchase extends Page {
..
- <span class="kw">public boolean</span> onSecurityCheck() {
- <span class="kw">return</span> form.onSubmitCheck(<span class="kw">this</span>, <span class="st">"/invalid-submit.html"</span>);
+ public boolean onSecurityCheck() {
+ // Placing the onSubmitCheck in the onSecurityCheck event, prevents the
+ // page from being processed if a Form is resubmitted a second time
+ return form.onSubmitCheck(this, "/invalid-submit.html");
}
} </pre>
<p/>
Modified: incubator/click/trunk/click/framework/src/org/apache/click/control/Form.java
URL: http://svn.apache.org/viewvc/incubator/click/trunk/click/framework/src/org/apache/click/control/Form.java?rev=797669&r1=797668&r2=797669&view=diff
==============================================================================
--- incubator/click/trunk/click/framework/src/org/apache/click/control/Form.java (original)
+++ incubator/click/trunk/click/framework/src/org/apache/click/control/Form.java Fri Jul 24 22:09:05 2009
@@ -1848,8 +1848,9 @@
/**
* Perform a form submission check ensuring the user has not replayed the
- * form submission by using the browser back button. If the form submit
- * is valid this method will return true, otherwise set the page to
+ * form submission by using the browser's back or refresh buttons or by
+ * clicking the Form submit button twice, in quick succession. If the form
+ * submit is valid this method will return true, otherwise set the page to
* redirect to the given redirectPath and return false.
* <p/>
* This method will add a token to the user's session and a hidden field
@@ -1858,12 +1859,12 @@
* Form submit checks should be performed before the pages controls are
* processed in the Page onSecurityCheck method. For example:
*
- * <pre class="codeJava">
- * <span class="kw">public class</span> Order <span class="kw">extends</span> Page {
+ * <pre class="prettyprint">
+ * public class Order extends Page {
* ..
*
- * <span class="kw">public boolean</span> onSecurityCheck() {
- * <span class="kw">return</span> form.onSubmitCheck(<span class="kw">this</span>, <span class="st">"/invalid-submit.html"</span>);
+ * public boolean onSecurityCheck() {
+ * return form.onSubmitCheck(this, "/invalid-submit.html");
* }
* } </pre>
*