• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Preventing multiple posts...with popup windows in the mix

 
Ranch Hand
Posts: 948
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
First off, I just registered for this forum today. There seems to be a lot of knowledge Struts developers here and I have learned a few things looking around. Okay enough flattery...I saw the "Preventing multiple posts" FAQ entry and I wanted to ask a related question. This was an issue that I tried to solve a year or two ago, so my memory is a little rusty. BTW, I am (still) using Struts 1.1.

I wanted to hook up code to prevent multiple submissions. It seemed to work initially, but popup windows caused it to fail. When I say "popup windows" I am referring to an example such as a page where you can edit a person and when you click a link there is a popup window where you can edit a list of phone numbers. That is not a real example, but my project has a number of these popup windows.

So the flow is that the user is at the base edit page. This page is rendered with a TOKEN of "AAA". They click the link to bring up the child popup window. This page is rendered with a TOKEN of "BBB". The user clicks the Save button on the popup window and the call to isTokenValid works correctly. Now the user is back to the base page and they click the Save button. This time the call to isTokenValid fails because this page is submitted with a TOKEN of "AAA" but the popup window set the value on the session to "BBB".

Has anybody else had to deal with this issue? If so, how did you solve it?

BTW, one thing that I did that seemed like a good idea...well if the other part was working. I create a custom class derived from RequestActionMapping and added a property named synchronize that defaults to false. I then only set this to true for actions such as saves. In my base action class, I check this property and only call isTokenValid when it is true.

- Brent

(Edited to clarify text)
[ November 01, 2006: Message edited by: Brent Sterling ]
 
Ranch Hand
Posts: 4864
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My solution to this would be to use the saveToken and isTokenValid methods more sparingly. If I'm opeing up a popup window that has a user enter an address that I'm just saving in the session to be added to the database later when all the other information is gathered, there's really no reason to do a saveToken before displaying that page. The user can resubmit all he wants, but it still isn't going to affect the outcome.

I only use saveToken before a page I know could save to the database, and I only check isTokenValid when such a page has been submitted.
 
Brent Sterling
Ranch Hand
Posts: 948
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Merrill:

Thanks for the tip. In most cases the popup window also saves to the database so ideally they would both call saveToken and isTokenValid. Right now every action calls saveToken, but only certain actions call isTokenValid. The action knows if it is a parent window or a child window, so maybe there is something that I could do in the save of the child window that would reset the token on the session. hmmm....

- Brent
 
Brent Sterling
Ranch Hand
Posts: 948
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This issue (preventing multiple submissions) has bubbled back to the surface. Does anybody have other ideas this time around? I am thinking about abandoning the Struts token processing and just going with a client JavaScript solution. The application requires JavaScript to be enabled and we only need to support a recent version of IE so this seems like a doable approach. (plus I am still not clear the best way to handle the case where isValidToken return false).

- Brent
 
reply
    Bookmark Topic Watch Topic
  • New Topic