|
1
2 package org.roller.presentation.website.actions;
3
4 import java.io.IOException  ;
5 import java.io.InputStream ;
6 import java.util.Iterator ;
7
8 import javax.servlet.ServletContext ;
9 import javax.servlet.ServletException ;
10 import javax.servlet.http.HttpServletRequest ;
11 import javax.servlet.http.HttpServletResponse ;
12
13 import org.apache.commons.logging.Log;
14 import org.apache.commons.logging.LogFactory;
15 import org.apache.struts.action.ActionError;
16 import org.apache.struts.action.ActionErrors;
17 import org.apache.struts.action.ActionForm;
18 import org.apache.struts.action.ActionForward;
19 import org.apache.struts.action.ActionMapping;
20 import org.apache.struts.actions.DispatchAction;
21 import org.apache.struts.upload.FormFile;
22 import org.roller.RollerException;
23 import org.roller.config.RollerRuntimeConfig;
24 import org.roller.model.FileManager;
25 import org.roller.pojos.UserData;
26 import org.roller.pojos.WebsiteData;
27 import org.roller.presentation.RollerRequest;
28 import org.roller.presentation.website.formbeans.UploadFileForm;
29 import org.roller.util.RollerMessages;
30
31
32
39 public final class UploadFileFormAction extends DispatchAction
40 {
41 private static Log mLogger =
42 LogFactory.getFactory().getInstance(UploadFileFormAction.class);
43
44
47 public ActionForward upload(
48 ActionMapping mapping,
49 ActionForm actionForm,
50 HttpServletRequest request,
51 HttpServletResponse response)
52 throws IOException , ServletException
53 {
54 RollerRequest rreq = null;
55 ActionForward fwd = mapping.findForward("uploadFiles.page");
56 UserData user = null;
57 WebsiteData website = null;
58 RollerMessages msgs = new RollerMessages();
59 try
60 {
61 rreq = RollerRequest.getRollerRequest(request);
62 if ( !rreq.isUserAuthorizedToEdit() )
63 {
64 return mapping.findForward("access-denied");
65 }
66 website = rreq.getWebsite();
67 user = website.getUser();
68 }
69 catch (Exception e)
70 {
71 mLogger.warn("Unable to find user.");
72 return fwd;
73 }
74
75 ActionErrors errors = new ActionErrors();
76 UploadFileForm theForm = (UploadFileForm)actionForm;
77 if ( theForm.getUploadedFile() != null )
78 {
79 ServletContext app = servlet.getServletConfig().getServletContext();
80
81 boolean uploadEnabled =
82 RollerRuntimeConfig.getBooleanProperty("uploads.enabled");
83
84 if ( !uploadEnabled )
85 {
86 errors.add(ActionErrors.GLOBAL_ERROR,
87 new ActionError("error.upload.disabled", ""));
88 saveErrors(request, errors);
89 return fwd;
90 }
91
92 String encoding = request.getCharacterEncoding();
95 if ((encoding != null) && (encoding.equalsIgnoreCase("utf-8")))
96 {
97 response.setContentType("text/html; charset=utf-8");
98 }
99
100 FormFile[] files = new FormFile[]{theForm.getUploadedFile()};
103 int fileSize = 0;
104 try
105 {
106 for (int i=0; i<files.length; i++)
107 {
108 if (files[i] == null) continue;
109
110 String fileName= files[i].getFileName();
112 int terminated = fileName.indexOf("\000");
113 if (terminated != -1)
114 {
115 fileName = fileName.substring(0, terminated).trim();
117 }
118
119 fileSize = files[i].getFileSize();
120
121 FileManager fmgr = rreq.getRoller().getFileManager();
123 if (fmgr.canSave(website, fileName, fileSize, msgs))
124 {
125 InputStream stream = files[i].getInputStream();
126 fmgr.saveFile(website, fileName, fileSize, stream);
127 }
128
129 files[i].destroy();
131 }
132 }
133 catch (Exception e)
134 {
135 errors.add(ActionErrors.GLOBAL_ERROR,
136 new ActionError("error.upload.file",e.toString()));
137 }
138 }
139 Iterator iter = msgs.getErrors();
140 while (iter.hasNext())
141 {
142 RollerMessages.RollerMessage error =
143 (RollerMessages.RollerMessage) iter.next();
144 errors.add(ActionErrors.GLOBAL_ERROR,
145 new ActionError(error.getKey(), error.getArgs()));
146 }
147 saveErrors(request, errors);
148 return fwd;
149 }
150
151
154 public ActionForward delete(
155 ActionMapping mapping,
156 ActionForm actionForm,
157 HttpServletRequest request,
158 HttpServletResponse response)
159 throws IOException , ServletException
160 {
161 ActionErrors errors = new ActionErrors();
162 UploadFileForm theForm = (UploadFileForm)actionForm;
163 ActionForward fwd = mapping.findForward("uploadFiles.page");
164 RollerRequest rreq = RollerRequest.getRollerRequest(request);
165 try
166 {
167 FileManager fmgr = rreq.getRoller().getFileManager();
168 WebsiteData website = rreq.getWebsite();
169 String [] deleteFiles = theForm.getDeleteFiles();
170 for (int i=0; i<deleteFiles.length; i++)
171 {
172 if ( deleteFiles[i].trim().startsWith("/")
173 || deleteFiles[i].trim().startsWith("\\")
174 || deleteFiles[i].indexOf("..") != -1)
175 {
176 }
178 else
179 {
180 fmgr.deleteFile(website, deleteFiles[i]);
181 }
182 }
183 }
184 catch (Exception e)
185 {
186 errors.add(ActionErrors.GLOBAL_ERROR,
187 new ActionError("error.upload.file",e.toString()));
188 saveErrors(request,errors);
189 }
190 return fwd;
191 }
192
193
194
197 public ActionForward unspecified(
198 ActionMapping mapping,
199 ActionForm actionForm,
200 HttpServletRequest request,
201 HttpServletResponse response)
202 throws IOException , ServletException
203 {
204 try
205 {
206 RollerRequest rreq = RollerRequest.getRollerRequest(request);
207 if ( !rreq.isUserAuthorizedToEdit() )
208 {
209 return mapping.findForward("access-denied");
210 }
211 }
212 catch (RollerException re)
213 {
214 mLogger.error("Unexpected exception",re.getRootCause());
215 throw new ServletException (re);
216 }
217 return mapping.findForward("uploadFiles.page");
218 }
219
220 }
221
222 |
Popular Tags |
Java API By Example, From Geeks To Geeks.