会员: 密码:  免费注册 | 忘记密码 | 会员登录 网页功能: 加入收藏 设为首页 网站搜索  
 安全技术技术文档
  · 安全配制
  · 工具介绍
  · 黑客教学
  · 防火墙
  · 漏洞分析
  · 破解专题
  · 黑客编程
  · 入侵检测
 安全技术论坛
  · 安全配制
  · 工具介绍
  · 防火墙
  · 黑客入侵
  · 漏洞检测
  · 破解方法
  · 杀毒专区
 安全技术工具下载
  · 扫描工具
  · 攻击程序
  · 后门木马
  · 拒绝服务
  · 口令破解
  · 代理程序
  · 防火墙
  · 加密解密
  · 入侵检测
  · 攻防演示
技术文档 > JAVA
用Servlvet实现文件上传的功能
发表日期:2004-07-30 17:26:07作者: 出处:  


// file upload module
// It cannot handle nested data (multipart content withinmultipart content)
// or internationalized content (such as non Latin-1 filenames).

//
// Designed by Mouse King, Last modified on August 2nd,2000
// file upload example
// one file control can upload a file once
// you can customize the file size,now it is 5m
// the ftp server target path is /usr/local/jakarta-tomcat/bin。

package BBS;

import java.io.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class UploadTest extends HttpServlet {
String rootPath, successMessage;

static final int MAX_SIZE = 102400;
public void init(ServletConfig config) throws ServletException
{
super.init(config);
}

public void doGet(HttpServletRequest request,HttpServletResponse response)
      throws ServletException,IOException
{
  response.setContentType("text/html");
  PrintWriter out = new PrintWriter (response.getOutputStream());
  out.println("<html>");
  out.println("<head><title>Servlet1</title></head>");
  out.println("<body><form ENCTYPE="multipart/form-data" method=post action='><input type=file enctype="multipart/form-data" name=filedata>");
  out.println("<input type=submit></form>");
  out.println("</body></html>");
  out.close();
}


public void doPost(HttpServletRequest request,HttpServletResponse response)
{
  ServletOutputStream out=null;
  DataInputStream in=null;
  FileOutputStream fileOut=null;
  try
  {
  /*set content type of response and get handle to output stream in case we are unable to redirect client*/
    response.setContentType("text/plain");
    out = response.getOutputStream();
  }
  catch (IOException e)
  {
    //print error message to standard out
    System.out.println("Error getting output stream.");
    System.out.println("Error description: " + e);
    return;
  }

  try
  {
  String contentType = request.getContentType();
  //make sure content type is multipart/form-data
  if(contentType != null && contentType.indexOf("multipart/form-data") != -1)
  {
    //open input stream from client to capture upload file
    in = new DataInputStream(request.getInputStream());
    //get length of content data
    int formDataLength = request.getContentLength();
    //allocate a byte array to store content data
    byte dataBytes[] = new byte[formDataLength];
    //read file into byte array
    int bytesRead = 0;
    int totalBytesRead = 0;
    int sizeCheck = 0;
    while (totalBytesRead < formDataLength)
    {
      //check for maximum file size violation
      sizeCheck = totalBytesRead + in.available();
      if (sizeCheck > MAX_SIZE)
      {
        out.println("Sorry, file is too large to upload.");
        return;
      }
      bytesRead = in.read(dataBytes, totalBytesRead, formDataLength);
      totalBytesRead += bytesRead;
    }
    //create string from byte array for easy manipulation
    String file = new String(dataBytes);
    //since byte array is stored in string, release memory
    dataBytes = null;
    /*get boundary value (boundary is a unique string that
    separates content data)*/
    int lastIndex = contentType.lastIndexOf("=");
    String boundary = contentType.substring(lastIndex+1,
    contentType.length());
    //get Directory web variable from request
    String directory="";
    if (file.indexOf("name="Directory"") > 0)
    {
      directory = file.substring(file.indexOf("name="Directory""));
      //remove carriage return
      directory = directory.substring(directory.indexOf(" ")+1);
      //remove carriage return
      directory = directory.substring(directory.indexOf(" ")+1);
      //get Directory
      directory = directory.substring(0,directory.indexOf(" ")-1);
      /*make sure user didn't select a directory higher in the directory tree*/
      if (directory.indexOf("..") > 0)
      {
        out.println("Security Error: You can't upload " +"to a directory higher in the directory tree.");
        return;
      }
    }
  //get SuccessPage web variable from request
  String successPage="";
  if (file.indexOf("name="SuccessPage"") > 0)
  {
  successPage = file.substring(file.indexOf("name="SuccessPage""));
  //remove carriage return
  successPage = successPage.substring(successPage.indexOf(" ")+1);
  //remove carriage return
  successPage = successPage.substring(successPage.indexOf(" ")+1);
  //get success page
  successPage = successPage.substring(0,successPage.indexOf(" ")-1);}
  //get OverWrite flag web variable from request
  String overWrite;
  if (file.indexOf("name="OverWrite"") > 0)
  {
  overWrite = file.substring(file.indexOf("name="OverWrite""));
  //remove carriage return
  overWrite = overWrite.substring(
  overWrite.indexOf(" ")+1);
  //remove carriage return
  overWrite = overWrite.substring(overWrite.indexOf(" ")+1);
  overWrite = overWrite.substring(0,overWrite.indexOf(" ")-1);
  }
  else
  {
  overWrite = "false";
  }
  //get OverWritePage web variable from request
  String overWritePage="";
  if (file.indexOf("name="OverWritePage"") > 0)
  {
  overWritePage = file.substring(file.indexOf("name="OverWritePage""));
  //remove carriage return
  overWritePage = overWritePage.substring(overWritePage.indexOf(" ")+1);
  //remove carriage return
  overWritePage = overWritePage.substring(overWritePage.indexOf(" ")+1);
  //get overwrite page
  overWritePage = overWritePage.substring(0,overWritePage.indexOf(" ")-1);
  }
  //get filename of upload file
  String saveFile = file.substring(file.indexOf("filename="")+10);
  saveFile = saveFile.substring(0,saveFile.indexOf(" "));
  saveFile = saveFile.substring(saveFile.lastIndexOf("\")+1,
  saveFile.indexOf("""));
  /*remove boundary markers and other multipart/form-data
  tags from beginning of upload file section*/
  int pos; //position in upload file
  //find position of upload file section of request
  pos = file.indexOf("filename="");
  //find position of content-disposition line
  pos = file.indexOf(" ",pos)+1;
  //find position of content-type line
  pos = file.indexOf(" ",pos)+1;
  //find position of blank line
  pos = file.indexOf(" ",pos)+1;
  /*find the location of the next boundary marker
  (marking the end of the upload file data)*/
  int boundaryLocation = file.indexOf(boundary,pos)-4;
  //upload file lies between pos and boundaryLocation
  file = file.substring(pos,boundaryLocation);
  //build the full path of the upload file
  String fileName = new String(rootPath + directory +
  saveFile);
  //create File object to check for existence of file
  File checkFile = new File(fileName);
  if (checkFile.exists())
  {
  /*file exists, if OverWrite flag is off, give
  message and abort*/
  if (!overWrite.toLowerCase().equals("true"))
  {
  if (overWritePage.equals(""))
  {
  /*OverWrite HTML page URL not received, respond
  with generic message*/
  out.println("Sorry, file already exists.");
  }
  else
  {
  //redirect client to OverWrite HTML page
  response.sendRedirect(overWritePage);
  }
  return;
  }
  }
  /*create File object to check for existence of
  Directory*/
  File fileDir = new File(rootPath + directory);
  if (!fileDir.exists())
  {
  //Directory doesn't exist, create it
  fileDir.mkdirs();
  }
  //instantiate file output stream
  fileOut = new FileOutputStream(fileName);
  //write the string to the file as a byte array
  fileOut.write(file.getBytes(),0,file.length());
  if (successPage.equals(""))
  {
  /*success HTML page URL not received, respond with
  eneric success message*/
  out.println(successMessage);
  out.println("File written to: " + fileName);
  }
  else
  {
  //redirect client to success HTML page
  response.sendRedirect(successPage);
  }
  }
  else //request is not multipart/form-data
  {
  //send error message to client
  out.println("Request not multipart/form-data.");
  }
  }
  catch(Exception e)
  {
  try
  {
  //print error message to standard out
  System.out.println("Error in doPost: " + e);
  //send error message to client
  out.println("An unexpected error has occurred.");
  out.println("Error description: " + e);
  }
  catch (Exception f) {}
  }
  finally
  {
  try
  {
  fileOut.close(); //close file output stream
  }
  catch (Exception f) {}
  try
  {
  in.close(); //close input stream from client
  }
  catch (Exception f) {}
  try
  {
  out.close(); //close output stream to client
  }
  catch (Exception f) {}
  }
  }

}


返回顶部】 【打印本页】 【关闭窗口

关于我们 / 给我留言 / 版权举报 / 意见建议 / 网站编程QQ群   
Copyright ©2003- 2024 Lihuasoft.net webmaster(at)lihuasoft.net 加载时间 0.00171