index.jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="GB18030"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
<table>
<%
String title = (String) request.getAttribute("title");
String content = (String) request.getAttribute("content");
if (title != null && !title.isEmpty()) {
out.println("<tr><td>" + title + "</td></tr>");
}
if (content != null && !content.isEmpty()) {
out.println("<tr><td>" + content + "</td></tr>");
}
%>
</table>
<form action="MessageServlet" method="post">
<table>
<tr>
<td>
标题:
<input type="text" name="title" size="30">
</td>
</tr>
<tr>
<td>
内容:
<textarea rows="5" cols="40" name="content"></textarea>
</td>
</tr>
<tr>
<td>
<input type="submit" name="submit" value="提交">
</td>
</tr>
</table>
</form>
</body>
</html>
WordFilter.java
package yuhaibin;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
public class WordFilter implements Filter {
// 非法字符数组
private String[] words;
// 字符编码
private String encoding;
// 实现filter的init方法
public void init(FilterConfig filterConfig) {
encoding = filterConfig.getInitParameter("encoding");
words = new String[] { "糟糕", "混蛋", "色情", "性" };
}
// 实现doFilter方法
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
// 判断字符编码是否有效
if (encoding != null) {// 设置request字符编码
request.setCharacterEncoding(encoding);
// 将request转换为重写后request
request = new Request((HttpServletRequest) request);
// 设置response字符编码
response.setContentType("text/html;charset=" + encoding);
}
chain.doFilter(request, response);
}
// 实现destroy方法
public void destroy() {
this.encoding = null;
this.words = null;
}
/*
* 重写HttpServletRequestWrapper
*/
class Request extends HttpServletRequestWrapper {
// 构造方法
public Request(HttpServletRequest request) {
super(request);
}
// 重写getParameter方法
public String getParameter(String name) {
// 返回过滤后的参数值
return filter(super.getRequest().getParameter(name));
}
// 重写getParameterValues方法
public String[] getParameterValues(String name) {
String[] values = super.getRequest().getParameterValues(name);
// 通过循环进行过滤
for (int i = 0; i < values.length; i++) {
values[i] = filter(values[i]);
}
return values;
}
// 过滤非法字符函数
public String filter(String param) {
// 判断非法字符是否被初始化
if (words != null && words.length > 0) {
// 循环替换非法字符
for (int i = 0; i < words.length; i++) {
// 判断是否包含非法字符
if (param.indexOf(words[i]) != -1) {
// 非法字符替换为****
param = param.replace(words[i], "****");
}
}
}
return param;
}
}
}
MessageServlet.java
package yuhaibin;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class MessageServlet extends HttpServlet {
private static final long serialVersionUID = -28643831554544646L;
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 获取标题
String title = request.getParameter("title");
// 获取内容
String content = request.getParameter("content");
// 将标题放到request中
request.setAttribute("title", title);
// 将内容放到request中
request.setAttribute("content", content);
// 转发到result.jsp页面
request.getRequestDispatcher("index.jsp").forward(request, response);
}
}
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<!--声明非法字符过滤器-->
<filter>
<filter-name>
WordFilter
</filter-name>
<filter-class>
yuhaibin.WordFilter
</filter-class>
<!--初始化参数值-->
<init-param>
<param-name>
encoding
</param-name>
<param-value>
GBK
</param-value>
</init-param>
</filter>
<!--映射过滤非法字符-->
<filter-mapping>
<filter-name>
WordFilter
</filter-name>
<!--与所有请求关联-->
<url-pattern>
/*
</url-pattern>
</filter-mapping>
<!--Servlet配置-->
<servlet>
<servlet-name>
MessageServlet
</servlet-name>
<servlet-class>
yuhaibin.MessageServlet
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>
MessageServlet
</servlet-name>
<url-pattern>
/MessageServlet
</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>
index.jsp
</welcome-file>
</welcome-file-list>
</web-app>