1)使用之前的准备:
引入 commons-fileupload-1.1.1.jar 和 commons-io-1.2.jar 这2个jar包。
请求文件:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title></title>
</head>
<body>
<form action="../FileUpload" method="post" enctype="multipart/form-data" name="form1">
<input type="hidden" name="id" value=“<%= id %>”>
<input type="file"name="file">
<input type="submit" name="Submit" value="上传">
</form>
</body>
</html>
处理文件:
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.*;
import java.util.*;
import java.util.regex.*;
import java.io.*;
import org.apache.commons.fileupload.servlet.*;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
public class FileUpload extends HttpServlet {
private static final long serialVersionUID = 1L;
public void init() throws ServletException {
}
public void destroy() {
super.destroy();
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html; charset=GB2312");
PrintWriter out = response.getWriter();
System.out.println(request.getContentLength());
System.out.println(request.getContentType());
DiskFileItemFactory factory = new DiskFileItemFactory();
// maximum size that will be stored in memory
factory.setSizeThreshold(4096); // Threshold 临界值
// the location for saving data that is larger than getSizeThreshold()
factory.setRepository(new File("d:\\temp"));
ServletFileUpload upload = new ServletFileUpload(factory);
// maximum size before a FileUploadException will be thrown
upload.setSizeMax(1000000);
try {
List fileItems = upload.parseRequest(request);
// assume we know there are two files. The first file is a small
// text file, the second is unknown and is written to a file on
// the server
Iterator iter = fileItems.iterator();
// 正则匹配,过滤路径取文件名
String regExp = ".+\\\\(.+)$";
// 过滤掉的文件类型
String[] errorType = { ".exe", ".com", ".cgi", ".asp",".jsp" };
Pattern p = Pattern.compile(regExp);
while (iter.hasNext()) {
FileItem item = (FileItem) iter.next();
if (item.isFormField()) { //表单的一般域(非文件域)
}
if (!item.isFormField()) { // 表单的文件域
String name = item.getName();
long size = item.getSize();
if ((name == null || name.equals("")) && size == 0)
continue;
Matcher m = p.matcher(name);
boolean result = m.find();
if (result) {
for (int temp = 0; temp < errorType.length; temp++) {
if (m.group(1).endsWith(errorType[temp])) {
throw new IOException(name + ": wrong type");
}
}
try {
// 保存上传的文件到指定的目录
item.write(new File("d:\\" + m.group(1)));
out.print(name + " " + size + "<br>");
} catch (Exception e) {
out.println(e);
}
} else {
throw new IOException("fail to upload");
}
}
}
} catch (IOException e) {
out.println(e);
} catch (FileUploadException e) {
out.println(e);
}
}
}