Thanks for your reply.
What I really meant when I said I don't have an html:form, is that I do have
a
<FORM> tag, just not a <html:form> tag, ie I'm not using the struts html
taglib in my page (consequently I can't use the html:link tag either).
Is there a method I can call to get the transaction token in a format that
can be stuck in a query parameter? Then I can just do <a
href="blah.go?something=<%=getToken()%>">click me</a> ???
I'm still unsure of how to use saveToken(), resetToken(), and
isTokenValid(), at what point in my web action do I place these calls (if
any), and in what order?
-----Original Message-----
From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]
Sent: 14 August 2001 17:05
To: [EMAIL PROTECTED]
Subject: Re: Examples of mutli-click prevention using struts tokens
On Tue, 14 Aug 2001, Tim Fox wrote:
> Anyone know of any examples of how to use the
> saveToken(), resetToken(), and isTokenValid() methods - for prevention of
> submission of forms multiple times.
> I can't find anything in the docs.
> Specifically I want to be able to use them in the situation where I
*don't*
> have a <html:form> in my page - is this possible?
> thanx in advance
>
If you don't have a form, then what you are trying to prevent is following
the same hyperlink twice, right? In that case, you can tell the
<html:link> tag to include the transaction control token like this:
<html:link href="/foo.do" transaction="true"/>
This will cause the token to be included on the hyperlink as a query
parameter, so that you can check it with isTokenValid() in your action
associated with path "/foo", just as if it came in on a form. Once you've
validated that, the action can forward to whatever page you actually want
to display.
Craig
