import java.util.*;
import java.io.IOException;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import dataBase.DataBase;
import smartupload.SmartUpload;
import tools.*;
public class FileUpLoadServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
private ServletConfig config;
final public void init(ServletConfig config) throws ServletException {
this.config = config;
}
public FileUpLoadServlet() {
super();
}
public void destroy() {
super.destroy();
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String path = "";
String fileName;
Time t=new Time();
String mtime=Time.getMTime();
DataBase db = new DataBase();
SmartUpload mySmartUpload = new SmartUpload();
try {
// Initialization
mySmartUpload.initialize(config, request, response);
mySmartUpload.setMaxFileSize(1000000);
// 设定允许上传的文件的总长度,用于限制一次性上传的数据量大小
mySmartUpload.setTotalMaxFileSize(2000000);
// 设定允许上传的文件(通过扩展名限制),仅允许doc,txt文件
mySmartUpload.setAllowedFilesList("doc,txt,rar");
// 设定禁止上传的文件(通过扩展名限制),禁止上传带有exe,bat,jsp,htm,html扩展名的//文件和没有扩展名的文件
mySmartUpload.setDeniedFilesList("exe , bat ,jsp ,htm ,html, jpg");
mySmartUpload.upload();
fileName = mySmartUpload.getFiles().getFile(0).getFileName();
path = "upLoad/"+mtime+fileName;
mySmartUpload.getFiles().getFile(0).saveAs(path,
mySmartUpload.SAVE_VIRTUAL);
ArrayList<String> users = new ArrayList<String>();
String now =Time.getDate();
db.connectToDB();
String sql="insert into oa_document(documentID,docName,docPath,docType,uploadTime) values('"+mtime+"','"+fileName+"','"+path+"','0','"+now+"')";
db.executeUpdate(sql);
if(mySmartUpload.getRequest().getParameterValues("userList")!=null){
for (int i = 0; i < mySmartUpload.getRequest().getParameterValues("userList").length; i++)
{
users.add(mySmartUpload.getRequest().getParameterValues("userList")[i]);}
for (int i = 0; i < users.size(); i++)
{
sql="insert into oa_downLoad_right(userName,documentID) values('"+users.get(i)+"','"+mtime+"')";
db.executeUpdate(sql);
}}
} catch (Exception e) {
e.printStackTrace();
System.out.println("Unable to upload the file.<br>");
System.out.println("Error : " + e.toString());
}
db.close();
response.sendRedirect("fileUpLoad.jsp");
}
public void init() throws ServletException {
// Put your code here
}
}
Java code
package smartupload; import java.io.ByteArrayInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.math.BigInteger; import java.sql.ResultSet; import java.sql.SQLException; import javax.servlet.ServletException; public class SmartFile { private SmartUpload m_parent; private int m_startData; private int m_endData; private int m_size; private String m_fieldname; private String m_filename; private String m_fileExt; private String m_filePathName; private String m_contentType; private String m_contentDisp; private String m_typeMime; private String m_subTypeMime; // private String m_contentString; private boolean m_isMissing; public static final int SAVEAS_AUTO = 0 ; public static final int SAVEAS_VIRTUAL = 1 ; public static final int SAVEAS_PHYSICAL = 2 ; SmartFile() { m_startData = 0 ; m_endData = 0 ; m_size = 0 ; m_fieldname = "" ; // new String(""); m_filename = "" ; // new String(); m_fileExt = "" ; // new String(); m_filePathName = "" ; // new String(""); m_contentType = "" ; // new String(); m_contentDisp = "" ; // new String(); m_typeMime = "" ; // new String(); m_subTypeMime = "" ; // new String(); // m_contentString = ""; // new String(); m_isMissing = true ; } public void saveAs(String s) throws IOException,SmartUploadException { saveAs(s, 0 ); } public void saveAs(String s, int i) throws IOException,SmartUploadException { // Method invokes dubious new String() constructor; just use "" // Creating a new java.lang.String object using the no-argument constructor wastes memory because the object so created will be functionally indistinguishable from the empty string constant ""./u00A0 Java guarantees that identical string constants will be represented by the same String object./u00A0 Therefore, you should just use the empty string constant directly. // String s1 = new String(); String s1 = "" ; s1 = m_parent.getPhysicalPath(s,i); if (s1 == null ) { throw new IllegalArgumentException( " There is no specified destination file (1140). " ); } try { java.io.File file = new java.io.File(s1); FileOutputStream fileoutputstream = new FileOutputStream(file); fileoutputstream.write(m_parent.m_binArray,m_startData,m_size); fileoutputstream.close(); } catch (IOException ioexception) { throw new SmartUploadException( " File can't be saved (1120). " ); } } public void fileToField(ResultSet resultset,String s) throws ServletException,IOException,SmartUploadException,SQLException { long l = 0L ; int i = 0x10000 ; int j = 0 ; int k = m_startData; if (resultset == null ) { throw new IllegalArgumentException( " The RecordSet cannot be null (1145). " ); } if (s == null ) { throw new IllegalArgumentException( " The columnName cannot be null (1150). " ); } if (s.length() == 0 ) { throw new IllegalArgumentException( " The columnName cannot be empty (1155). " ); } l = BigInteger.valueOf(m_size).divide(BigInteger.valueOf(i)).longValue(); j = BigInteger.valueOf(m_size).mod(BigInteger.valueOf(i)).intValue(); try { for ( int i1 = 1 ;( long )i1 < l;i1 ++ ) { resultset.updateBinaryStream(s, new ByteArrayInputStream(m_parent.m_binArray,k,i),i); k = k != 0 ? k : 1 ; k = i1 * i + m_startData; } if (j > 0 ) { resultset.updateBinaryStream(s, new ByteArrayInputStream(m_parent.m_binArray,k,j),j); } } catch (SQLException sqlexception) { byte abyte0[] = new byte [m_size]; System.arraycopy(m_parent.m_binArray,m_startData,abyte0, 0 ,m_size); resultset.updateBytes(s,abyte0); } catch (Exception exception) { throw new SmartUploadException( " Unable to save file in the DataBase (1130). " ); } } public boolean isMissing() { return m_isMissing; } public String getFieldName() { return m_fieldname; } public String getFileName() { return m_filename; } public String getFilePathName() { return m_filePathName; } public String getFileExt() { return m_fileExt; } public String getContentType() { return m_contentType; } public String getContentDisp() { return m_contentDisp; } public String getContentString() { String s = new String(m_parent.m_binArray,m_startData,m_size); return s; } public String getTypeMIME() throws IOException { return m_typeMime; } public String getSubTypeMIME() { return m_subTypeMime; } public int getSize() { return m_size; } protected int getStartData() { return m_startData; } protected int getEndData() { return m_endData; } protected void setParent(SmartUpload smartupload) { m_parent = smartupload; } protected void setStartData( int i) { m_startData = i; } protected void setEndData( int i) { m_endData = i; } protected void setSize( int i) { m_size = i; } protected void setIsMissing( boolean flag) { m_isMissing = flag; } protected void setFieldName(String s) { m_fieldname = s; } protected void setFileName(String s) { m_filename = s; } protected void setFilePathName(String s) { m_filePathName = s; } protected void setFileExt(String s) { m_fileExt = s; } protected void setContentType(String s) { m_contentType = s; } protected void setContentDisp(String s) { m_contentDisp = s; } protected void setTypeMIME(String s) { m_typeMime = s; } protected void setSubTypeMIME(String s) { m_subTypeMime = s; } public byte getBinaryData( int i) { if (m_startData + i > m_endData) { throw new ArrayIndexOutOfBoundsException( " Index Out of range (1115). " ); } if (m_startData + i <= m_endData) { return m_parent.m_binArray[m_startData + i]; } else { return 0 ; } } }
Java code
package smartupload; import java.io.IOException; import java.util.Collection; import java.util.Enumeration; import java.util.Hashtable; public class SmartFiles { // private SmartUpload m_parent; private Hashtable m_files; private int m_counter; SmartFiles() { m_files = new Hashtable(); m_counter = 0 ; } protected void addFile(SmartFile file) { if (file == null ) { throw new IllegalArgumentException( " newFile cannot be null. " ); } else { m_files.put( new Integer(m_counter), file); m_counter ++ ; return ; } } public SmartFile getFile( int i) { if (i < 0 ) { throw new IllegalArgumentException( " File's index cannot be a negative value (1210). " ); } SmartFile file = (SmartFile) m_files.get( new Integer(i)); if (file == null ) { throw new IllegalArgumentException( " Files' name is invalid or does not exist (1205). " ); } else { return file; } } public int getCount() { return m_counter; } public long getSize() throws IOException { long l = 0L ; for ( int i = 0 ; i < m_counter; i ++ ) { l += getFile(i).getSize(); } return l; } public Collection getCollection() { return m_files.values(); } public Enumeration getEnumeration() { return m_files.elements(); } }
-
Java code
-
package smartupload; import java.util.Enumeration; import java.util.Hashtable; public class SmartRequest { private Hashtable m_parameters; private int m_counter; SmartRequest() { m_parameters = new Hashtable(); m_counter = 0 ; } protected void putParameter(String s,String s1) { if (s == null ) { throw new IllegalArgumentException( " The name of an element cannot be null. " ); } if (m_parameters.containsKey(s)) { Hashtable hashtable = (Hashtable)m_parameters.get(s); hashtable.put( new Integer(hashtable.size()),s1); } else { Hashtable hashtable1 = new Hashtable(); hashtable1.put( new Integer( 0 ),s1); m_parameters.put(s,hashtable1); m_counter ++ ; } } public String getParameter(String s) { if (s == null ) { throw new IllegalArgumentException( " Form's name is invalid or does not exist (1305). " ); } Hashtable hashtable = (Hashtable)m_parameters.get(s); if (hashtable == null ) { return null ; } else { return (String)hashtable.get( new Integer( 0 )); } } public Enumeration getParameterNames() { return m_parameters.keys(); } public String[] getParameterValues(String s) { if (s == null ) { throw new IllegalArgumentException( " Form's name is invalid or does not exist (1305). " ); } Hashtable hashtable = (Hashtable)m_parameters.get(s); if (hashtable == null ) { return null ; } String as[] = new String[hashtable.size()]; for ( int i = 0 ;i < hashtable.size();i ++ ) { as[i] = (String)hashtable.get( new Integer(i)); } return as; } }
Java code
package
smartupload;
import
java.io.FileInputStream;
import
java.io.FileOutputStream;
import
java.io.IOException;
import
java.io.InputStream;
import
java.sql.ResultSet;
import
java.sql.SQLException;
import
java.util.Vector;
import
javax.servlet.ServletConfig;
import
javax.servlet.ServletContext;
import
javax.servlet.ServletException;
import
javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse;
import
javax.servlet.http.HttpSession;
import
javax.servlet.jsp.JspWriter;
import
javax.servlet.jsp.PageContext;
public
class
SmartUpload {
protected
byte
m_binArray[];
protected
HttpServletRequest m_request;
protected
HttpServletResponse m_response;
protected
ServletContext m_application;
private
int
m_totalBytes;
private
int
m_currentIndex;
private
int
m_startData;
private
int
m_endData;
private
String m_boundary;
private
long
m_totalMaxFileSize;
private
long
m_maxFileSize;
private
Vector m_deniedFilesList;
private
Vector m_allowedFilesList;
private
boolean
m_denyPhysicalPath;
//
private boolean m_forcePhysicalPath;
private
String m_contentDisposition;
public
static
final
int
SAVE_AUTO
=
0
;
public
static
final
int
SAVE_VIRTUAL
=
1
;
public
static
final
int
SAVE_PHYSICAL
=
2
;
private
SmartFiles m_files;
private
SmartRequest m_formRequest;
public
SmartUpload() {
m_totalBytes
=
0
;
m_currentIndex
=
0
;
m_startData
=
0
;
m_endData
=
0
;
m_boundary
=
""
;
//
new String();
m_totalMaxFileSize
=
0L
;
m_maxFileSize
=
0L
;
m_deniedFilesList
=
new
Vector();
m_allowedFilesList
=
new
Vector();
m_denyPhysicalPath
=
false
;
//
m_forcePhysicalPath = false;
m_contentDisposition
=
""
;
//
new String();
m_files
=
new
SmartFiles();
m_formRequest
=
new
SmartRequest();
}
/**
*
@deprecated
Method init is deprecated
*/
public
final
void
init(ServletConfig servletconfig)
throws
ServletException {
m_application
=
servletconfig.getServletContext();
}
/**
*
@deprecated
Method service is deprecated
*/
public
void
service(HttpServletRequest httpservletrequest,
HttpServletResponse httpservletresponse)
throws
ServletException,
IOException {
m_request
=
httpservletrequest;
m_response
=
httpservletresponse;
}
public
final
void
initialize(ServletConfig servletconfig,
HttpServletRequest httpservletrequest,
HttpServletResponse httpservletresponse)
throws
ServletException {
m_application
=
servletconfig.getServletContext();
m_request
=
httpservletrequest;
m_response
=
httpservletresponse;
}
public
final
void
initialize(PageContext pagecontext)
throws
ServletException {
m_application
=
pagecontext.getServletContext();
m_request
=
(HttpServletRequest) pagecontext.getRequest();
m_response
=
(HttpServletResponse) pagecontext.getResponse();
}
/**
*
@deprecated
Method initialize is deprecated
*/
public
final
void
initialize(ServletContext servletcontext,
HttpSession httpsession, HttpServletRequest httpservletrequest,
HttpServletResponse httpservletresponse, JspWriter jspwriter)
throws
ServletException {
m_application
=
servletcontext;
m_request
=
httpservletrequest;
m_response
=
httpservletresponse;
}
public
void
upload()
throws
ServletException, IOException,
SmartUploadException {
int
i
=
0
;
//
boolean flag = false;
boolean
flag1
=
false
;
//
boolean flag2 = false;
long
l
=
0L
;
//
String s = "";
//
new String();
//
String s2 = "";
//
new String();
String s4
=
""
;
//
new String();
String s5
=
""
;
//
new String();
String s6
=
""
;
//
new String();
String s7
=
""
;
//
new String();
String s8
=
""
;
//
new String();
String s9
=
""
;
//
new String();
String s10
=
""
;
//
new String();
m_totalBytes
=
m_request.getContentLength();
m_binArray
=
new
byte
[m_totalBytes];
int
j;
for
(; i
<
m_totalBytes; i
+=
j) {
try
{
m_request.getInputStream();
j
=
m_request.getInputStream().read(m_binArray, i,
m_totalBytes
-
i);
}
catch
(Exception exception) {
throw
new
SmartUploadException(
"
Unable to upload.
"
);
}
}
for
(;
!
flag1
&&
m_currentIndex
<
m_totalBytes; m_currentIndex
++
) {
if
(m_binArray[m_currentIndex]
==
13
) {
flag1
=
true
;
}
else
{
m_boundary
=
m_boundary
+
(
char
) m_binArray[m_currentIndex];
}
}
if
(m_currentIndex
==
1
) {
return
;
}
for
(m_currentIndex
++
; m_currentIndex
<
m_totalBytes; m_currentIndex
=
m_currentIndex
+
2
) {
String s1
=
getDataHeader();
m_currentIndex
=
m_currentIndex
+
2
;
boolean
flag3
=
s1.indexOf(
"
filename
"
)
>
0
;
String s3
=
getDataFieldValue(s1,
"
name
"
);
if
(flag3) {
s6
=
getDataFieldValue(s1,
"
filename
"
);
s4
=
getFileName(s6);
s5
=
getFileExt(s4);
s7
=
getContentType(s1);
s8
=
getContentDisp(s1);
s9
=
getTypeMIME(s7);
s10
=
getSubTypeMIME(s7);
}
getDataSection();
if
(flag3
&&
s4.length()
>
0
) {
if
(m_deniedFilesList.contains(s5)) {
throw
new
SecurityException(
"
The extension of the file is denied to be uploaded (1015).
"
);
}
if
(
!
m_allowedFilesList.isEmpty()
&&
!
m_allowedFilesList.contains(s5)) {
throw
new
SecurityException(
"
The extension of the file is not allowed to be uploaded (1010).
"
);
}
if
(m_maxFileSize
>
0L
&&
(
long
) ((m_endData
-
m_startData)
+
1
)
>
m_maxFileSize) {
throw
new
SecurityException(
"
Size exceeded for this file :
"
+
s4
+
"
(1105).
"
);
}
l
+=
(m_endData
-
m_startData)
+
1
;
if
(m_totalMaxFileSize
>
0L
&&
l
>
m_totalMaxFileSize) {
throw
new
SecurityException(
"
Total File Size exceeded (1110).
"
);
}
}
if
(flag3) {
SmartFile file
=
new
SmartFile();
file.setParent(
this
);
file.setFieldName(s3);
file.setFileName(s4);
file.setFileExt(s5);
file.setFilePathName(s6);
file.setIsMissing(s6.length()
==
0
);
file.setContentType(s7);
file.setContentDisp(s8);
file.setTypeMIME(s9);
file.setSubTypeMIME(s10);
if
(s7.indexOf(
"
application/x-macbinary
"
)
>
0
) {
m_startData
=
m_startData
+
128
;
}
file.setSize((m_endData
-
m_startData)
+
1
);
file.setStartData(m_startData);
file.setEndData(m_endData);
m_files.addFile(file);
}
else
{
String s11
=
new
String(m_binArray, m_startData,
(m_endData
-
m_startData)
+
1
);
m_formRequest.putParameter(s3, s11);
}
if
((
char
) m_binArray[m_currentIndex
+
1
]
==
'
-
'
) {
break
;
}
}
}
public
int
save(String s)
throws
ServletException, IOException,
SmartUploadException {
return
save(s,
0
);
}
-
public
int
save(String s,
int
i)
throws
ServletException, IOException,
SmartUploadException {
int
j
=
0
;
if
(s
==
null
) {
s
=
m_application.getRealPath(
"
/
"
);
//
System.out.println("s == null,m_application.getRealPath:" + s);
}
if
(s.indexOf(
"
/
"
)
!=
-
1
) {
if
(s.charAt(s.length()
-
1
)
!=
'
/
'
) {
s
=
s
+
"
/
"
;
//
System.out.println("m_application.getRealPath::" + s);
}
}
else
{
if
(s.charAt(s.length()
-
1
)
!=
'
//
'
) {
s
=
s
+
"
//
"
;
//
System.out.println("m_application.getRealPath" + s);
}
}
//
System.out.println("m_application.getRealPath:::" + s);
FileNames
=
new
String[m_files.getCount()];
for
(
int
k
=
0
; k
<
m_files.getCount(); k
++
) {
if
(
!
m_files.getFile(k).isMissing()) {
//
System.out.println("s + m_files.getFile(k).getFileName():" + s + m_files.getFile(k).getFileName());
m_files.getFile(k).saveAs(s
+
m_files.getFile(k).getFileName(),
i);
FileNames[j]
=
s
+
m_files.getFile(k).getFileName();
j
++
;
}
}
return
j;
}
//
Add
private
String[] FileNames;
public
String[] getFileNames() {
//
Method may expose internal representation by returning array
//
Returning an array value stored in one of the object's fields exposes the internal representation of the object.? For classes shared by other untrusted classes, this could potentially be a security issue.? Returning a new copy of the array is better approach in many situations.
String[] vFileNames
=
new
String[FileNames.length];
System.arraycopy(FileNames,
0
, vFileNames,
0
, FileNames.length);
return
vFileNames;
}
public
int
getSize() {
return
m_totalBytes;
}
public
byte
getBinaryData(
int
i) {
byte
byte0;
try
{
byte0
=
m_binArray[i];
}
catch
(Exception exception) {
throw
new
ArrayIndexOutOfBoundsException(
"
Index out of range (1005).
"
);
}
return
byte0;
}
public
SmartFiles getFiles() {
return
m_files;
}
public
SmartRequest getRequest() {
return
m_formRequest;
}
public
void
downloadFile(String s)
throws
ServletException, IOException,
SmartUploadException {
downloadFile(s,
null
,
null
);
}
public
void
downloadFile(String s, String s1)
throws
ServletException,
IOException, SmartUploadException, SmartUploadException {
downloadFile(s, s1,
null
);
}
public
void
downloadFile(String s, String s1, String s2)
throws
ServletException, IOException, SmartUploadException {
downloadFile(s, s1, s2,
65000
);
}
public
void
downloadFile(String s, String s1, String s2,
int
i)
throws
ServletException, IOException, SmartUploadException {
if
(s
==
null
) {
throw
new
IllegalArgumentException(
"
File '
"
+
s
+
"
' not found (1040).
"
);
}
if
(s.equals(
""
)) {
throw
new
IllegalArgumentException(
"
File '
"
+
s
+
"
' not found (1040).
"
);
}
if
(
!
isVirtual(s)
&&
m_denyPhysicalPath) {
throw
new
SecurityException(
"
Physical path is denied (1035).
"
);
}
if
(isVirtual(s)) {
s
=
m_application.getRealPath(s);
}
java.io.File file
=
new
java.io.File(s);
FileInputStream fileinputstream
=
new
FileInputStream(file);
long
l
=
file.length();
//
boolean flag = false;
int
k
=
0
;
byte
abyte0[]
=
new
byte
[i];
if
(s1
==
null
) {
m_response.setContentType(
"
application/x-msdownload
"
);
}
else
{
if
(s1.length()
==
0
) {
m_response.setContentType(
"
application/x-msdownload
"
);
}
else
{
m_response.setContentType(s1);
}
}
m_response.setContentLength((
int
) l);
m_contentDisposition
=
m_contentDisposition
!=
null
?
m_contentDisposition
:
"
attachment;
"
;
if
(s2
==
null
) {
m_response.setHeader(
"
Content-Disposition
"
, m_contentDisposition
+
"
filename=
"
+
toUtf8String(getFileName(s)));
}
else
{
if
(s2.length()
==
0
) {
m_response.setHeader(
"
Content-Disposition
"
,
m_contentDisposition);
}
else
{
m_response.setHeader(
"
Content-Disposition
"
,
m_contentDisposition
+
"
filename=
"
+
s2);
}
}
while
((
long
) k
<
l) {
int
j
=
fileinputstream.read(abyte0,
0
, i);
k
+=
j;
m_response.getOutputStream().write(abyte0,
0
, j);
}
fileinputstream.close();
}
/**
* 将文件名中的汉字转为UTF8编码的串,以便下载时能正确显示另存的文件名. 纵横软件制作中心雨亦奇2003.08.01
*
*
@param
s
* 原文件名
*
@return
重新编码后的文件名
*/
public
static
String toUtf8String(String s) {
StringBuffer sb
=
new
StringBuffer();
for
(
int
i
=
0
; i
<
s.length(); i
++
) {
char
c
=
s.charAt(i);
if
(c
>=
0
&&
c
<=
255
) {
sb.append(c);
}
else
{
byte
[] b;
try
{
b
=
Character.toString(c).getBytes(
"
utf-8
"
);
}
catch
(Exception ex) {
System.out.println(ex);
b
=
new
byte
[
0
];
}
for
(
int
j
=
0
; j
<
b.length; j
++
) {
int
k
=
b[j];
if
(k
<
0
)
k
+=
256
;
sb.append(
"
%
"
+
Integer.toHexString(k).toUpperCase());
}
}
}
return
sb.toString();
}
public
void
downloadField(ResultSet resultset, String s, String s1,
String s2)
throws
ServletException, IOException, SQLException {
if
(resultset
==
null
) {
throw
new
IllegalArgumentException(
"
The RecordSet cannot be null (1045).
"
);
}
if
(s
==
null
) {
throw
new
IllegalArgumentException(
"
The columnName cannot be null (1050).
"
);
}
if
(s.length()
==
0
) {
throw
new
IllegalArgumentException(
"
The columnName cannot be empty (1055).
"
);
}
byte
abyte0[]
=
resultset.getBytes(s);
if
(s1
==
null
) {
m_response.setContentType(
"
application/x-msdownload
"
);
}
else
{
if
(s1.length()
==
0
) {
m_response.setContentType(
"
application/x-msdownload
"
);
}
else
{
m_response.setContentType(s1);
}
}
m_response.setContentLength(abyte0.length);
if
(s2
==
null
) {
m_response.setHeader(
"
Content-Disposition
"
,
"
attachment;
"
);
}
else
{
if
(s2.length()
==
0
) {
m_response.setHeader(
"
Content-Disposition
"
,
"
attachment;
"
);
}
else
{
m_response.setHeader(
"
Content-Disposition
"
,
"
attachment; filename=
"
+
s2);
}
}
m_response.getOutputStream().write(abyte0,
0
, abyte0.length);
}
public
void
fieldToFile(ResultSet resultset, String s, String s1)
throws
ServletException, IOException, SmartUploadException,
SQLException {
try
{
if
(m_application.getRealPath(s1)
!=
null
) {
s1
=
m_application.getRealPath(s1);
}
InputStream inputstream
=
resultset.getBinaryStream(s);
FileOutputStream fileoutputstream
=
new
FileOutputStream(s1);
int
i;
while
((i
=
inputstream.read())
!=
-
1
) {
fileoutputstream.write(i);
}
fileoutputstream.close();
}
catch
(Exception exception) {
throw
new
SmartUploadException(
"
Unable to save file from the DataBase (1020).
"
);
}
}
private
String getDataFieldValue(String s, String s1) {
String s2
=
""
;
//
= new String();
String s3
=
""
;
//
= new String();
int
i
=
0
;
//
boolean flag = false;
//
boolean flag1 = false;
//
boolean flag2 = false;
s2
=
s1
+
"
=
"
+
'
"
'
;
i
=
s.indexOf(s2);
if
(i
>
0
) {
int
j
=
i
+
s2.length();
int
k
=
j;
s2
=
"
/"
"
;
int
l
=
s.indexOf(s2, j);
if
(k
>
0
&&
l
>
0
) {
s3
=
s.substring(k, l);
}
}
return
s3;
}
private String getFileExt(String s) {
String s1; // = new String();
int i = 0;
int j = 0;
if (s == null) {
return null;
}
i = s.lastIndexOf('.') + 1;
j = s.length();
s1 = s.substring(i, j);
if (s.lastIndexOf('.') > 0) {
return s1;
} else {
return "";
}
}
private String getContentType(String s) {
String s1 = ""; // = new String();
String s2 = ""; // = new String();
int i = 0;
//boolean flag = false;
s1 = "Content-Type:";
i = s.indexOf(s1) + s1.length();
if (i != -1) {
int j = s.length();
s2 = s.substring(i, j);
}
return s2;
}
private String getTypeMIME(String s) {
//String s1 = new String();
int i = 0;
i = s.indexOf("/");
if (i != -1) {
return s.substring(1, i);
} else {
return s;
}
}
private String getSubTypeMIME(String s) {
//String s1 = new String();
//boolean flag = false;
int i = 0;
i = s.indexOf("/") + 1;
if (i != -1) {
int j = s.length();
return s.substring(i, j);
} else {
return s;
}
}
private String getContentDisp(String s) {
//String s1 = new String();
String s1 = "";
int i = 0;
int j = 0;
i = s.indexOf(":") + 1;
j = s.indexOf(";");
s1 = s.substring(i, j);
return s1;
}
private void getDataSection() {
//boolean flag = false;
//String s = "";
//String s = new String();
int i = m_currentIndex;
int j = 0;
int k = m_boundary.length();
m_startData = m_currentIndex;
m_endData = 0;
while (i < m_totalBytes) {
if (m_binArray[i] == (byte) m_boundary.charAt(j)) {
if (j == k - 1) {
m_endData = ((i - k) + 1) - 3;
break;
}
i++;
j++;
} else {
i++;
j = 0;
}
}
m_currentIndex = m_endData + k + 3;
}
private String getDataHeader() {
//boolean flag = false;
int i = m_currentIndex;
int j = 0;
for (boolean flag1 = false; !flag1;) {
if (m_binArray[m_currentIndex] == 13
&& m_binArray[m_currentIndex + 2] == 13) {
flag1 = true;
j = m_currentIndex - 1;
m_currentIndex = m_currentIndex + 2;
} else {
m_currentIndex++;
}
}
String s = new String(m_binArray, i, (j - i) + 1);
return s;
}
private String getFileName(String s) {
//String s1 = ""; // = new String();
//String s2 = ""; // = new String();
//boolean flag = false;
//boolean flag1 = false;
//boolean flag2 = false;
int i = 0;
i = s.lastIndexOf('/');
if (i != -1) {
return s.substring(i + 1, s.length());
}
i = s.lastIndexOf('//');
if (i != -1) {
return s.substring(i + 1, s.length());
} else {
return s;
}
}
public void setDeniedFilesList(String s) throws ServletException,
IOException, SQLException {
//String s1 = "";
if (s != null) {
String s2 = "";
for (int i = 0; i < s.length(); i++) {
if (s.charAt(i) == ',') {
if (!m_deniedFilesList.contains(s2)) {
m_deniedFilesList.addElement(s2);
}
s2 = "";
} else {
s2 = s2 + s.charAt(i);
}
}
//if(s2 != "")
if (!s2.equals("")) {
m_deniedFilesList.addElement(s2);
}
} else {
m_deniedFilesList = null;
}
}
public void setAllowedFilesList(String s) {
//String s1 = "";
if (s != null) {
String s2 = "";
for (int i = 0; i < s.length(); i++) {
if (s.charAt(i) == ',') {
if (!m_allowedFilesList.contains(s2)) {
m_allowedFilesList.addElement(s2);
}
s2 = "";
} else {
s2 = s2 + s.charAt(i);
}
}
//if(s2 != "")
if (!s2.equals("")) {
m_allowedFilesList.addElement(s2);
}
} else {
m_allowedFilesList = null;
}
}
public void setDenyPhysicalPath(boolean flag) {
m_denyPhysicalPath = flag;
}
public void setForcePhysicalPath(boolean flag) {
//m_forcePhysicalPath = flag;
}
public void setContentDisposition(String s) {
m_contentDisposition = s;
}
public void setTotalMaxFileSize(long l) {
m_totalMaxFileSize = l;
}
public void setMaxFileSize(long l) {
m_maxFileSize = l;
}
protected String getPhysicalPath(String s, int i) throws IOException {
String s1 = ""; //new String();
String s2 = ""; //new String();
String s3 = ""; //new String();
boolean flag = false;
s3 = System.getProperty("file.separator");
if (s == null) {
throw new IllegalArgumentException(
"There is no specified destination file (1140).");
}
if (s.equals("")) {
throw new IllegalArgumentException(
"There is no specified destination file (1140).");
}
if (s.lastIndexOf("//") >= 0) {
s1 = s.substring(0, s.lastIndexOf("//"));
s2 = s.substring(s.lastIndexOf("//") + 1);
}
if (s.lastIndexOf("/") >= 0) {
s1 = s.substring(0, s.lastIndexOf("/"));
s2 = s.substring(s.lastIndexOf("/") + 1);
}
s1 = s1.length() != 0 ? s1 : "/";
java.io.File file = new java.io.File(s1);
if (file.exists()) {
flag = true;
}
if (i == 0) {
if (isVirtual(s1)) {
s1 = m_application.getRealPath(s1);
if (s1.endsWith(s3)) {
s1 = s1 + s2;
} else {
s1 = s1 + s3 + s2;
}
return s1;
}
if (flag) {
if (m_denyPhysicalPath) {
throw new IllegalArgumentException(
"Physical path is denied (1125).");
} else {
return s;
}
} else {
throw new IllegalArgumentException(
"This path does not exist (1135).");
}
}
if (i == 1) {
if (isVirtual(s1)) {
s1 = m_application.getRealPath(s1);
if (s1.endsWith(s3)) {
s1 = s1 + s2;
} else {
s1 = s1 + s3 + s2;
}
return s1;
}
if (flag) {
throw new IllegalArgumentException(
"The path is not a virtual path.");
} else {
throw new IllegalArgumentException(
"This path does not exist (1135).");
}
}
if (i == 2) {
if (flag) {
if (m_denyPhysicalPath) {
throw new IllegalArgumentException(
"Physical path is denied (1125).");
} else {
return s;
}
}
if (isVirtual(s1)) {
throw new IllegalArgumentException(
"The path is not a physical path.");
} else {
throw new IllegalArgumentException(
"This path does not exist (1135).");
}
} else {
return null;
}
}
public void uploadInFile(String s) throws IOException, SmartUploadException {
//boolean flag = false;
int i = 0;
int j = 0;
if (s == null) {
throw new IllegalArgumentException(
"There is no specified destination file (1025).");
}
if (s.length() == 0) {
throw new IllegalArgumentException(
"There is no specified destination file (1025).");
}
if (!isVirtual(s) && m_denyPhysicalPath) {
throw new SecurityException("Physical path is denied (1035).");
}
i = m_request.getContentLength();
m_binArray = new byte[i];
int k;
for (; j < i; j += k) {
try {
k = m_request.getInputStream().read(m_binArray, j, i - j);
} catch (Exception exception) {
throw new SmartUploadException("Unable to upload.");
}
}
if (isVirtual(s)) {
s = m_application.getRealPath(s);
}
try {
java.io.File file = new java.io.File(s);
FileOutputStream fileoutputstream = new FileOutputStream(file);
fileoutputstream.write(m_binArray);
fileoutputstream.close();
} catch (Exception exception1) {
throw new SmartUploadException(
"The Form cannot be saved in the specified file (1030).");
}
}
private boolean isVirtual(String s) {
if (m_application.getRealPath(s) != null) {
java.io.File file = new java.io.File(m_application.getRealPath(s));
return file.exists();
} else {
return false;
}
}
}
package smartupload;
public class SmartUploadException extends Exception
{
SmartUploadException(String s)
{
super(s);
}
}
3114
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
