02-cookie案例-显示用户上次访问网站的时间
//访问首页面
@WebServlet("/CookieDemo1")
public class CookieDemo1 extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public CookieDemo1() {
super();
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
* response)
*/
@SuppressWarnings("deprecation")
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.print("您上次访问时间是:");
//获取用户的时间cookie
Cookie[] cookies = request.getCookies();
for (int i = 0; cookies != null && i < cookies.length; i++) {
if (cookies[i].getName().equals("lastVisitTime")) {
long cookieValue = Long.parseLong(cookies[i].getValue());
Date date = new Date(cookieValue);
out.print(date.toLocaleString());
break;
}
}
//给用户返回最新的访问时间
Cookie cookie = new Cookie("lastVisitTime", System.currentTimeMillis()
+ "");
cookie.setMaxAge(1 * 30 * 24 * 3600);
cookie.setPath("/day07");
response.addCookie(cookie);
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
* response)
*/
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
03-cookie的细节--清除cookie
public class CookieDemo2 extends HttpServlet {
private static final long serialVersionUID = 1L;
public CookieDemo2() {
super();
}
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
Cookie cookie = new Cookie("lastVisitTime", System.currentTimeMillis()
+ "");
cookie.setMaxAge(0);
cookie.setPath("/day007");
response.addCookie(cookie);
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
用户浏览历史商品列表
public class CookieDemo1 extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
// 本网站所有的商品列表
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.print("本网站销售的产品:<br/>");
Map<String, Good> goods = Db.getAllGoods();
for (Map.Entry<String, Good> good : goods.entrySet()) {
Good good_val = good.getValue();
out.print("<a href='/day06/CookieDemo2?id=" + good_val.getId()
+ "' targrt='_blank'>" + good_val.getName() + "</a><br/>");
}
// 用户浏览过的商品列表
out.print("用户浏览过的商品列表<br/>");
Cookie[] cookies = request.getCookies();
for (int i = 0; null != cookies && i < cookies.length; i++) {
if (cookies[i].getName().equals("goodsHistory")) {
String[] goodIds = cookies[i].getValue().split("\\,");
for (String id : goodIds) {
Good good = Db.getGoodById(id);
out.print(good.getName() + "<br/>");
}
}
}
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
class Db {
private static Map<String, Good> maps = new LinkedHashMap<>();
static {
maps.put("1", new Good("1", "液晶电视", "2999", "这是小米电视,2k高清屏幕!"));
maps.put("2", new Good("2", "电饭锅", "399", "这是九阳电饭煲,假一罚十!"));
maps.put("3", new Good("3", "派克钢笔", "2888", "这是派克钢笔,贵族首选!"));
maps.put("4", new Good("4", "ipad mini", "3333", "伟大的苹果,没有乔布斯,还有大库克!"));
maps.put("5", new Good("5", "宝马i7", "520000", "宝马,原装进口,德国品质,值得信赖!"));
}
public static Map<String, Good> getAllGoods() {
return maps;
}
public static Good getGoodById(String id) {
return maps.get(id);
}
}
class Good {
private String id;
private String name;
private String price;
private String description;
public Good() {
}
public Good(String id, String name, String price, String description) {
this.id = id;
this.name = name;
this.price = price;
this.description = description;
}
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPrice() {
return price;
}
public void setPrice(String price) {
this.price = price;
}
public String getDescription() {
return description;
}
public void setDescription(String description) {
this.description = description;
}
}
public class CookieDemo2 extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
// 商品详细信息
out.print("<br/>商品详细信息:<br/>");
String id = request.getParameter("id");
Good good = Db.getGoodById(id);
out.print("商品id:" + good.getId() + "<br/>");
out.print("商品名称:" + good.getName() + "<br/>");
out.print("商品价格:" + good.getPrice() + "<br/>");
out.print("商品详情描述:" + good.getDescription() + "<br/>");
// 浏览商品写入cookie
String goodsCookie = buildCookie(id, request);
Cookie cookie = new Cookie("goodsHistory", goodsCookie);
cookie.setMaxAge(1 * 30 * 24 * 60 * 60);
cookie.setPath("/day06");
response.addCookie(cookie);
}
private String buildCookie(String id, HttpServletRequest request) {
// goodsHistory null 1 1
// goodsHistory 1,3 4 4,1,3
// goodsHistory 1,3,4 4 4,1,3
// goodsHistory 1,3,5 4 4,1,3
String goodsHistory = "";
Cookie[] cookies = request.getCookies();
for (int i = 0; cookies != null && i < cookies.length; i++) {
if (cookies[i].getName().equals("goodsHistory")) {
goodsHistory = cookies[i].getValue();
}
}
if (goodsHistory == null) {
goodsHistory = id;
}
LinkedList<String> list = new LinkedList<>(Arrays.asList(goodsHistory
.split("\\,")));
if (list.contains(id)) {
list.remove(id);
}
while (list.size() >= 3) {
list.removeLast();
}
list.addFirst(id);
StringBuffer sb = new StringBuffer();
for (int i = 0; i < list.size(); i++)
sb.append(list.get(i) + ",");
if (sb.toString().endsWith(","))
goodsHistory = sb.substring(0, sb.length() - 1);
return goodsHistory;
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
<servlet>
<servlet-name>demo1</servlet-name>
<servlet-class>com.cnpc.cookie.CookieDemo1</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>demo1</servlet-name>
<url-pattern>/CookieDemo1</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>demo2</servlet-name>
<servlet-class>com.cnpc.cookie.CookieDemo2</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>demo2</servlet-name>
<url-pattern>/CookieDemo2</url-pattern>
</servlet-mapping>
session入门
<servlet>
<servlet-name>demo3</servlet-name>
<servlet-class>com.cnpc.session.SessionDemo1</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>demo3</servlet-name>
<url-pattern>/SessionDemo1</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>demo4</servlet-name>
<servlet-class>com.cnpc.session.SessionDemo2</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>demo4</servlet-name>
<url-pattern>/SessionDemo2</url-pattern>
</servlet-mapping>
//购买
public class SessionDemo1 extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
session.setAttribute("name", "洗衣机");
// session.invalidate();
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
//结帐
public class SessionDemo2 extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession(false);
String goodName = (String) session.getAttribute("name");
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
out.print("您购买的商品为:" + goodName);
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
<body>
<a href="/day06/SessionDemo1">购买</a>
<a href="/day06/SessionDemo2">结帐</a>
</body>
默认session生命周期是30分钟。第一次访问代码session.getSession时候创建session
关闭浏览器session没有死,而是session 30分钟没有用才自动清除。
<session-config>
<session-timeout>10</session-timeout>
</session-config>
设置session不可用代码
session.invalidate();
显示购物车的时候用此代码:
request.getSession(false);---只获取session,不会主动创建session。
session要借助cookie用于标识当前用户(浏览器)与服务器端的关系。
cookie没有写过期时间,所以关闭浏览器 cookie丢失。于是重新打开,即使session没到30分钟,仍然不识别了。
解决方案,给cookie设置过期时间,自己写个cookie,覆盖掉原来默认的cookie。
Cookie cookie = new Cookie("JSESSIONID",sessionId);
cookie.setPath("/day06");
cookie.setMaxAge(30*60);
response.addCookie(cookie);
再也不用担心小娃娃关闭自己的浏览器了,哈哈
用户禁用cookie
解决方案,url重写。
String url1 = response.encodeURL("/day06/SessionDemo1");
String url2 = response.encodeURL("/day06/SessionDemo2");
out.print("<a href='" + url1 + "'>付款</a> ");
out.print("<a href='" + url2 + "'>结帐</a>");
html乱码解决
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
session实现的购物车
//重定向 java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: com.cnpc.shopping.Book
//必须实现Serializable接口
public class Book implements Serializable {
private static final long serialVersionUID = 1L;
private String id;
private String name;
private String author;
private String description;
public Book() {
}
public Book(String id, String name, String author, String description) {
this.id = id;
this.name = name;
this.author = author;
this.description = description;
}
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getAuthor() {
return author;
}
public void setAuthor(String author) {
this.author = author;
}
public String getDescription() {
return description;
}
public void setDescription(String description) {
this.description = description;
}
}
//代表网站首页
public class ListBookServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
out.print("本网站的书籍列表:<br/>");
Map<String, Book> bookMaps = Db.getAllBooks();
for (Map.Entry<String, Book> bookEntry : bookMaps.entrySet()) {
Book book = bookEntry.getValue();
out.print(book.getName() + "<a href='/day06/BuyServlet?id="
+ book.getId() + "' target='_blank'>购买</a><br/>");
}
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
class Db {
private static Map<String, Book> maps = new LinkedHashMap<>();
static {
maps.put("1", new Book("1", "java web 2.0", "张xx",
"介绍java web开发的一本入门书籍!"));
maps.put("2", new Book("2", "javascript", "少量",
"介绍javascript开发的一本入门书籍!"));
maps.put("3", new Book("3", "jquery", "李刚", "介绍jquery开发的一本入门书籍!"));
maps.put("4", new Book("4", "spring3.x企业级应用开发", "离火命",
"介绍spring3.x开发的一本入门书籍!"));
maps.put("5", new Book("5", "spring mvc入门", "放丽讯",
"介绍spring mvc开发的一本入门书籍!"));
maps.put("6", new Book("6", "大话设计模式", "程杰", "介绍大话设计模式开发的一本入门书籍!"));
}
public static Map<String, Book> getAllBooks() {
return maps;
}
public static Book getBookById(String id) {
return maps.get(id);
}
}
//购物车列表
public class ListCardServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
HttpSession session = request.getSession(false);
if(session==null){
out.write("您没有购买任何商品");
return;
}
out.print("您购买了如下商品:<br/>");
List<Book> list = (List) session.getAttribute("list");
if(list != null){
for(Book book :list){
out.print(book.getName()+"<br/>");
}
}
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
//购买
public class BuyServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String id = request.getParameter("id");
Book book = Db.getBookById(id);
HttpSession session = request.getSession();
// session.setAttribute("book", book); //这样是不行的。可能session买的不止是书,最后乱成一团
// List<Book> list = new ArrayList<Book>();//还是错的,每次都new 上次的数据还有吗
//手工以cookie的形式发sessionid,以解决关闭浏览器后上次买的东西还在
//用户关闭cookie的解决方案,所有涉及到会话的访问地址都要进行重写加 jessionId
// 从session得到用户用于保存所有书的集合(购物车)
List list = (List) session.getAttribute("list");
if (list == null) {
list = new ArrayList<>();
session.setAttribute("list", list);
}
list.add(book);
// request.getRequestDispatcher("/ListCardServlet").forward(request,
// response);// 这个有明显的缺陷,刷新一次,购物车多一次产品购买,必须用重定向。转发不能刷新 //error
response.sendRedirect(request.getContextPath()+"/ListCardServlet");// /day06
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
<servlet>
<servlet-name>listBook</servlet-name>
<servlet-class>com.cnpc.shopping.ListBookServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>listBook</servlet-name>
<url-pattern>/ListBookServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>buy</servlet-name>
<servlet-class>com.cnpc.shopping.BuyServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>buy</servlet-name>
<url-pattern>/BuyServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>listCard</servlet-name>
<servlet-class>com.cnpc.shopping.ListCardServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>listCard</servlet-name>
<url-pattern>/ListCardServlet</url-pattern>
</servlet-mapping>
session容器存放用户登录信息
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String username = request.getParameter("username");
String password = request.getParameter("password");
List<User> list = Db.getAllUsers();
for (User user : list) {
if (user.getUsername().equals(username)
&& user.getPassword().equals(password)) {
HttpSession session = request.getSession();
if (null == session.getAttribute("user")) {
session.setAttribute("user", user); // 登录成功,向session存入一个登录标识
response.sendRedirect("/day06/index.jsp");
//如果是forward会有问题,刷新一次,登录一次?
return;
}
}
}
out.write("用户名/密码不正确");
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
class Db {
private static List<User> list = new ArrayList<>();
static {
list.add(new User("aaa", "111"));
list.add(new User("bbb", "111"));
list.add(new User("ccc", "111"));
}
public static List<User> getAllUsers() {
return list;
}
}
public class User {
private String username;
private String password;
public User() {
}
public User(String username, String password) {
this.username = username;
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public String toString() {
return "User [username=" + username + "]";
}
}
//退出登录
public class LogoutServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession(false);
if (session != null) {
session.removeAttribute("user");
}
response.sendRedirect("/day06/index.jsp");
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
<servlet>
<servlet-name>login</servlet-name>
<servlet-class>com.cnpc.session.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>login</servlet-name>
<url-pattern>/LoginServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>logout</servlet-name>
<servlet-class>com.cnpc.session.LogoutServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>logout</servlet-name>
<url-pattern>/LogoutServlet</url-pattern>
</servlet-mapping>
<body>
<form action="/day06/LoginServlet" method="post">
用户名:<input id="username" name="username" type="text"> <br />密码:<input
name="password" id="password" type="password" /> <br /> <input type="submit"
value="提交" />
</form>
</body>
<body>
欢迎 ,${user.username }登录此系统! <a href='/day06/login.jsp'>登录</a> <a href='/day06/LogoutServlet'>退出系统</a><br/>
<a href="/day06/SessionDemo1">购买</a>
<a href="/day06/SessionDemo2">结帐</a>
</body>
客户端防表单重复提交和服务器端session防表单重复提交
js
方式一:
<script type="text/javascript">
var iscommitted = false;
function dosubmit() {
if (!iscommitted) {
iscommitted = true;
return true;
} else {
return false;
}
}
</script>
方式二:
<script type="text/javascript">
function dosubmit(){
var submitId = document.getElementById('submit');
submitId.disabled="disabled";
return true;
}
</script>
<form action="xxxx" method="post" οnsubmit="return dosubmit();">
<input id="submit" type="submit" value="提交"/>
</form>
服务器端的验证:
<servlet>
<servlet-name>formServlet</servlet-name>
<servlet-class>com.cnpc.form.FormServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>formServlet</servlet-name>
<url-pattern>/FormServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>doFormServlet</servlet-name>
<servlet-class>com.cnpc.form.DoFormServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>doFormServlet</servlet-name>
<url-pattern>/DoFormServlet</url-pattern>
</servlet-mapping>
public class FormServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
// 产生随机数(表单号)
TokenProcessor tp = TokenProcessor.getInstance();
String token = tp.generatorToken();
request.getSession().setAttribute("token", token);
request.getRequestDispatcher("/formNew.jsp").forward(request, response);
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
class TokenProcessor { // 令牌 ,单例设计模式
private TokenProcessor() {
}
private static final TokenProcessor instance = new TokenProcessor();
public static TokenProcessor getInstance() {
return instance;
}
public String generatorToken() {
String token = System.currentTimeMillis() + new Random().nextInt() + "";
// 获取摘要数据指纹,长度为固定长度128位
try {
MessageDigest md = MessageDigest.getInstance("md5");
byte[] md5 = md.digest(token.getBytes());
// base64编码 原理,6位一截取,前面两位补0.
// 1010 0010 1100 1001 0011 1110
// 00101000 00101100 00100100 00111110
// 00000000 -- 00111111 《0 - 63》 所以叫base64 ,开始结束是base64中编码中没有的。
// 所以防止电影传输只传了一半就结束
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(md5);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
}
//防止表单重复提交,跟struts的代码一模一样的。值得学习
public class DoFormServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
boolean b = isTokenValid(request);
if (!b) {
out.print("请不要重复提交!");
return;
}
request.getSession().removeAttribute("token");
System.out.println("处理表单提交,存入数据库!");
}
// 判断表单号是否有效
private boolean isTokenValid(HttpServletRequest request) {
String client_token = request.getParameter("token");
if (client_token == null) {
return false;
}
String server_token = (String) request.getSession(false).getAttribute(
"token");
if (server_token == null) {
return false;
}
if (!client_token.equals(server_token)) {
return false;
}
return true;
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
利用session实现一次性验证码的校验
代码比较简单,生成校验码的时候,对应服务端存入session。与客户端输入的进行校验比较
request 和 response 字符串比较时候 ,记得想想字符编码问题
request session servletContext对比
request 数据显示完了就没用了,就用request
session 数据除了显示,待会还要用,就用session,可以跨servlet使用
servletContext 数据除了显示,待会还要用,并且还要给别人用(如聊天室等),那就是servletContext。
//访问首页面
@WebServlet("/CookieDemo1")
public class CookieDemo1 extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public CookieDemo1() {
super();
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
* response)
*/
@SuppressWarnings("deprecation")
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.print("您上次访问时间是:");
//获取用户的时间cookie
Cookie[] cookies = request.getCookies();
for (int i = 0; cookies != null && i < cookies.length; i++) {
if (cookies[i].getName().equals("lastVisitTime")) {
long cookieValue = Long.parseLong(cookies[i].getValue());
Date date = new Date(cookieValue);
out.print(date.toLocaleString());
break;
}
}
//给用户返回最新的访问时间
Cookie cookie = new Cookie("lastVisitTime", System.currentTimeMillis()
+ "");
cookie.setMaxAge(1 * 30 * 24 * 3600);
cookie.setPath("/day07");
response.addCookie(cookie);
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
* response)
*/
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
03-cookie的细节--清除cookie
public class CookieDemo2 extends HttpServlet {
private static final long serialVersionUID = 1L;
public CookieDemo2() {
super();
}
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
Cookie cookie = new Cookie("lastVisitTime", System.currentTimeMillis()
+ "");
cookie.setMaxAge(0);
cookie.setPath("/day007");
response.addCookie(cookie);
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
用户浏览历史商品列表
public class CookieDemo1 extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
// 本网站所有的商品列表
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.print("本网站销售的产品:<br/>");
Map<String, Good> goods = Db.getAllGoods();
for (Map.Entry<String, Good> good : goods.entrySet()) {
Good good_val = good.getValue();
out.print("<a href='/day06/CookieDemo2?id=" + good_val.getId()
+ "' targrt='_blank'>" + good_val.getName() + "</a><br/>");
}
// 用户浏览过的商品列表
out.print("用户浏览过的商品列表<br/>");
Cookie[] cookies = request.getCookies();
for (int i = 0; null != cookies && i < cookies.length; i++) {
if (cookies[i].getName().equals("goodsHistory")) {
String[] goodIds = cookies[i].getValue().split("\\,");
for (String id : goodIds) {
Good good = Db.getGoodById(id);
out.print(good.getName() + "<br/>");
}
}
}
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
class Db {
private static Map<String, Good> maps = new LinkedHashMap<>();
static {
maps.put("1", new Good("1", "液晶电视", "2999", "这是小米电视,2k高清屏幕!"));
maps.put("2", new Good("2", "电饭锅", "399", "这是九阳电饭煲,假一罚十!"));
maps.put("3", new Good("3", "派克钢笔", "2888", "这是派克钢笔,贵族首选!"));
maps.put("4", new Good("4", "ipad mini", "3333", "伟大的苹果,没有乔布斯,还有大库克!"));
maps.put("5", new Good("5", "宝马i7", "520000", "宝马,原装进口,德国品质,值得信赖!"));
}
public static Map<String, Good> getAllGoods() {
return maps;
}
public static Good getGoodById(String id) {
return maps.get(id);
}
}
class Good {
private String id;
private String name;
private String price;
private String description;
public Good() {
}
public Good(String id, String name, String price, String description) {
this.id = id;
this.name = name;
this.price = price;
this.description = description;
}
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPrice() {
return price;
}
public void setPrice(String price) {
this.price = price;
}
public String getDescription() {
return description;
}
public void setDescription(String description) {
this.description = description;
}
}
public class CookieDemo2 extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
// 商品详细信息
out.print("<br/>商品详细信息:<br/>");
String id = request.getParameter("id");
Good good = Db.getGoodById(id);
out.print("商品id:" + good.getId() + "<br/>");
out.print("商品名称:" + good.getName() + "<br/>");
out.print("商品价格:" + good.getPrice() + "<br/>");
out.print("商品详情描述:" + good.getDescription() + "<br/>");
// 浏览商品写入cookie
String goodsCookie = buildCookie(id, request);
Cookie cookie = new Cookie("goodsHistory", goodsCookie);
cookie.setMaxAge(1 * 30 * 24 * 60 * 60);
cookie.setPath("/day06");
response.addCookie(cookie);
}
private String buildCookie(String id, HttpServletRequest request) {
// goodsHistory null 1 1
// goodsHistory 1,3 4 4,1,3
// goodsHistory 1,3,4 4 4,1,3
// goodsHistory 1,3,5 4 4,1,3
String goodsHistory = "";
Cookie[] cookies = request.getCookies();
for (int i = 0; cookies != null && i < cookies.length; i++) {
if (cookies[i].getName().equals("goodsHistory")) {
goodsHistory = cookies[i].getValue();
}
}
if (goodsHistory == null) {
goodsHistory = id;
}
LinkedList<String> list = new LinkedList<>(Arrays.asList(goodsHistory
.split("\\,")));
if (list.contains(id)) {
list.remove(id);
}
while (list.size() >= 3) {
list.removeLast();
}
list.addFirst(id);
StringBuffer sb = new StringBuffer();
for (int i = 0; i < list.size(); i++)
sb.append(list.get(i) + ",");
if (sb.toString().endsWith(","))
goodsHistory = sb.substring(0, sb.length() - 1);
return goodsHistory;
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
<servlet>
<servlet-name>demo1</servlet-name>
<servlet-class>com.cnpc.cookie.CookieDemo1</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>demo1</servlet-name>
<url-pattern>/CookieDemo1</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>demo2</servlet-name>
<servlet-class>com.cnpc.cookie.CookieDemo2</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>demo2</servlet-name>
<url-pattern>/CookieDemo2</url-pattern>
</servlet-mapping>
session入门
<servlet>
<servlet-name>demo3</servlet-name>
<servlet-class>com.cnpc.session.SessionDemo1</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>demo3</servlet-name>
<url-pattern>/SessionDemo1</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>demo4</servlet-name>
<servlet-class>com.cnpc.session.SessionDemo2</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>demo4</servlet-name>
<url-pattern>/SessionDemo2</url-pattern>
</servlet-mapping>
//购买
public class SessionDemo1 extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
session.setAttribute("name", "洗衣机");
// session.invalidate();
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
//结帐
public class SessionDemo2 extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession(false);
String goodName = (String) session.getAttribute("name");
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
out.print("您购买的商品为:" + goodName);
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
<body>
<a href="/day06/SessionDemo1">购买</a>
<a href="/day06/SessionDemo2">结帐</a>
</body>
默认session生命周期是30分钟。第一次访问代码session.getSession时候创建session
关闭浏览器session没有死,而是session 30分钟没有用才自动清除。
<session-config>
<session-timeout>10</session-timeout>
</session-config>
设置session不可用代码
session.invalidate();
显示购物车的时候用此代码:
request.getSession(false);---只获取session,不会主动创建session。
session要借助cookie用于标识当前用户(浏览器)与服务器端的关系。
cookie没有写过期时间,所以关闭浏览器 cookie丢失。于是重新打开,即使session没到30分钟,仍然不识别了。
解决方案,给cookie设置过期时间,自己写个cookie,覆盖掉原来默认的cookie。
Cookie cookie = new Cookie("JSESSIONID",sessionId);
cookie.setPath("/day06");
cookie.setMaxAge(30*60);
response.addCookie(cookie);
再也不用担心小娃娃关闭自己的浏览器了,哈哈
用户禁用cookie
解决方案,url重写。
String url1 = response.encodeURL("/day06/SessionDemo1");
String url2 = response.encodeURL("/day06/SessionDemo2");
out.print("<a href='" + url1 + "'>付款</a> ");
out.print("<a href='" + url2 + "'>结帐</a>");
html乱码解决
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
session实现的购物车
//重定向 java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: com.cnpc.shopping.Book
//必须实现Serializable接口
public class Book implements Serializable {
private static final long serialVersionUID = 1L;
private String id;
private String name;
private String author;
private String description;
public Book() {
}
public Book(String id, String name, String author, String description) {
this.id = id;
this.name = name;
this.author = author;
this.description = description;
}
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getAuthor() {
return author;
}
public void setAuthor(String author) {
this.author = author;
}
public String getDescription() {
return description;
}
public void setDescription(String description) {
this.description = description;
}
}
//代表网站首页
public class ListBookServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
out.print("本网站的书籍列表:<br/>");
Map<String, Book> bookMaps = Db.getAllBooks();
for (Map.Entry<String, Book> bookEntry : bookMaps.entrySet()) {
Book book = bookEntry.getValue();
out.print(book.getName() + "<a href='/day06/BuyServlet?id="
+ book.getId() + "' target='_blank'>购买</a><br/>");
}
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
class Db {
private static Map<String, Book> maps = new LinkedHashMap<>();
static {
maps.put("1", new Book("1", "java web 2.0", "张xx",
"介绍java web开发的一本入门书籍!"));
maps.put("2", new Book("2", "javascript", "少量",
"介绍javascript开发的一本入门书籍!"));
maps.put("3", new Book("3", "jquery", "李刚", "介绍jquery开发的一本入门书籍!"));
maps.put("4", new Book("4", "spring3.x企业级应用开发", "离火命",
"介绍spring3.x开发的一本入门书籍!"));
maps.put("5", new Book("5", "spring mvc入门", "放丽讯",
"介绍spring mvc开发的一本入门书籍!"));
maps.put("6", new Book("6", "大话设计模式", "程杰", "介绍大话设计模式开发的一本入门书籍!"));
}
public static Map<String, Book> getAllBooks() {
return maps;
}
public static Book getBookById(String id) {
return maps.get(id);
}
}
//购物车列表
public class ListCardServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
HttpSession session = request.getSession(false);
if(session==null){
out.write("您没有购买任何商品");
return;
}
out.print("您购买了如下商品:<br/>");
List<Book> list = (List) session.getAttribute("list");
if(list != null){
for(Book book :list){
out.print(book.getName()+"<br/>");
}
}
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
//购买
public class BuyServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String id = request.getParameter("id");
Book book = Db.getBookById(id);
HttpSession session = request.getSession();
// session.setAttribute("book", book); //这样是不行的。可能session买的不止是书,最后乱成一团
// List<Book> list = new ArrayList<Book>();//还是错的,每次都new 上次的数据还有吗
//手工以cookie的形式发sessionid,以解决关闭浏览器后上次买的东西还在
//用户关闭cookie的解决方案,所有涉及到会话的访问地址都要进行重写加 jessionId
// 从session得到用户用于保存所有书的集合(购物车)
List list = (List) session.getAttribute("list");
if (list == null) {
list = new ArrayList<>();
session.setAttribute("list", list);
}
list.add(book);
// request.getRequestDispatcher("/ListCardServlet").forward(request,
// response);// 这个有明显的缺陷,刷新一次,购物车多一次产品购买,必须用重定向。转发不能刷新 //error
response.sendRedirect(request.getContextPath()+"/ListCardServlet");// /day06
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
<servlet>
<servlet-name>listBook</servlet-name>
<servlet-class>com.cnpc.shopping.ListBookServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>listBook</servlet-name>
<url-pattern>/ListBookServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>buy</servlet-name>
<servlet-class>com.cnpc.shopping.BuyServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>buy</servlet-name>
<url-pattern>/BuyServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>listCard</servlet-name>
<servlet-class>com.cnpc.shopping.ListCardServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>listCard</servlet-name>
<url-pattern>/ListCardServlet</url-pattern>
</servlet-mapping>
session容器存放用户登录信息
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String username = request.getParameter("username");
String password = request.getParameter("password");
List<User> list = Db.getAllUsers();
for (User user : list) {
if (user.getUsername().equals(username)
&& user.getPassword().equals(password)) {
HttpSession session = request.getSession();
if (null == session.getAttribute("user")) {
session.setAttribute("user", user); // 登录成功,向session存入一个登录标识
response.sendRedirect("/day06/index.jsp");
//如果是forward会有问题,刷新一次,登录一次?
return;
}
}
}
out.write("用户名/密码不正确");
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
class Db {
private static List<User> list = new ArrayList<>();
static {
list.add(new User("aaa", "111"));
list.add(new User("bbb", "111"));
list.add(new User("ccc", "111"));
}
public static List<User> getAllUsers() {
return list;
}
}
public class User {
private String username;
private String password;
public User() {
}
public User(String username, String password) {
this.username = username;
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public String toString() {
return "User [username=" + username + "]";
}
}
//退出登录
public class LogoutServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession(false);
if (session != null) {
session.removeAttribute("user");
}
response.sendRedirect("/day06/index.jsp");
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
<servlet>
<servlet-name>login</servlet-name>
<servlet-class>com.cnpc.session.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>login</servlet-name>
<url-pattern>/LoginServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>logout</servlet-name>
<servlet-class>com.cnpc.session.LogoutServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>logout</servlet-name>
<url-pattern>/LogoutServlet</url-pattern>
</servlet-mapping>
<body>
<form action="/day06/LoginServlet" method="post">
用户名:<input id="username" name="username" type="text"> <br />密码:<input
name="password" id="password" type="password" /> <br /> <input type="submit"
value="提交" />
</form>
</body>
<body>
欢迎 ,${user.username }登录此系统! <a href='/day06/login.jsp'>登录</a> <a href='/day06/LogoutServlet'>退出系统</a><br/>
<a href="/day06/SessionDemo1">购买</a>
<a href="/day06/SessionDemo2">结帐</a>
</body>
客户端防表单重复提交和服务器端session防表单重复提交
js
方式一:
<script type="text/javascript">
var iscommitted = false;
function dosubmit() {
if (!iscommitted) {
iscommitted = true;
return true;
} else {
return false;
}
}
</script>
方式二:
<script type="text/javascript">
function dosubmit(){
var submitId = document.getElementById('submit');
submitId.disabled="disabled";
return true;
}
</script>
<form action="xxxx" method="post" οnsubmit="return dosubmit();">
<input id="submit" type="submit" value="提交"/>
</form>
服务器端的验证:
<servlet>
<servlet-name>formServlet</servlet-name>
<servlet-class>com.cnpc.form.FormServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>formServlet</servlet-name>
<url-pattern>/FormServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>doFormServlet</servlet-name>
<servlet-class>com.cnpc.form.DoFormServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>doFormServlet</servlet-name>
<url-pattern>/DoFormServlet</url-pattern>
</servlet-mapping>
public class FormServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
// 产生随机数(表单号)
TokenProcessor tp = TokenProcessor.getInstance();
String token = tp.generatorToken();
request.getSession().setAttribute("token", token);
request.getRequestDispatcher("/formNew.jsp").forward(request, response);
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
class TokenProcessor { // 令牌 ,单例设计模式
private TokenProcessor() {
}
private static final TokenProcessor instance = new TokenProcessor();
public static TokenProcessor getInstance() {
return instance;
}
public String generatorToken() {
String token = System.currentTimeMillis() + new Random().nextInt() + "";
// 获取摘要数据指纹,长度为固定长度128位
try {
MessageDigest md = MessageDigest.getInstance("md5");
byte[] md5 = md.digest(token.getBytes());
// base64编码 原理,6位一截取,前面两位补0.
// 1010 0010 1100 1001 0011 1110
// 00101000 00101100 00100100 00111110
// 00000000 -- 00111111 《0 - 63》 所以叫base64 ,开始结束是base64中编码中没有的。
// 所以防止电影传输只传了一半就结束
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(md5);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
}
//防止表单重复提交,跟struts的代码一模一样的。值得学习
public class DoFormServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
boolean b = isTokenValid(request);
if (!b) {
out.print("请不要重复提交!");
return;
}
request.getSession().removeAttribute("token");
System.out.println("处理表单提交,存入数据库!");
}
// 判断表单号是否有效
private boolean isTokenValid(HttpServletRequest request) {
String client_token = request.getParameter("token");
if (client_token == null) {
return false;
}
String server_token = (String) request.getSession(false).getAttribute(
"token");
if (server_token == null) {
return false;
}
if (!client_token.equals(server_token)) {
return false;
}
return true;
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
利用session实现一次性验证码的校验
代码比较简单,生成校验码的时候,对应服务端存入session。与客户端输入的进行校验比较
request 和 response 字符串比较时候 ,记得想想字符编码问题
request session servletContext对比
request 数据显示完了就没用了,就用request
session 数据除了显示,待会还要用,就用session,可以跨servlet使用
servletContext 数据除了显示,待会还要用,并且还要给别人用(如聊天室等),那就是servletContext。