List of usage examples for org.apache.commons.fileupload.disk DiskFileItemFactory DiskFileItemFactory
public DiskFileItemFactory()
From source file:gov.nist.appvet.tool.AsynchronousService.java
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { FileItemFactory factory = new DiskFileItemFactory(); ServletFileUpload upload = new ServletFileUpload(factory); List items = null;/*from www. j av a 2 s . co m*/ FileItem fileItem = null; String appId = null; try { items = upload.parseRequest(request); } catch (FileUploadException e) { e.printStackTrace(); } // Get form fields Iterator iter = items.iterator(); FileItem item = null; while (iter.hasNext()) { item = (FileItem) iter.next(); if (item.isFormField()) { String incomingParameter = item.getFieldName(); String incomingValue = item.getString(); if (incomingParameter.equals("appid")) { appId = incomingValue; } log.debug("Received: " + incomingParameter + " = " + incomingValue); } else { // item should now hold the received file if (item != null) { fileItem = item; } } } // If app ID and file were received, send back HTTP 202 now if (appId != null && fileItem != null) { sendHttp202(response, "Received app " + appId + " for processing."); } else { sendHttp400(response, "Did not receive proper request."); return; } String appFilePath = null; String reportPath = null; String fileName = null; if (item != null) { fileName = getFileName(fileItem.getName()); if (!fileName.endsWith(".apk")) { sendHttp400(response, "Invalid app file: " + fileItem.getName()); return; } appFilePath = Properties.TEMP_DIR + "/" + appId + fileName; reportPath = Properties.TEMP_DIR + "/" + appId + "_report.txt"; log.debug("appFilePath: " + appFilePath); if (!saveFileUpload(fileItem, appFilePath)) { sendHttp500(response, "Could not save uploaded file"); return; } } else { log.error("File item was null."); return; } // Test app AndroidVulnerabilityScanner vulnerabilityScanner = new AndroidVulnerabilityScanner(appFilePath); boolean masterKeyFound = vulnerabilityScanner.hasMasterKey(); boolean extraFieldFound = vulnerabilityScanner.hasExtraField(); vulnerabilityScanner.close(); // Generate report String htmlReport = null; ToolStatus reportStatus = null; if (masterKeyFound) { reportStatus = ToolStatus.FAIL; htmlReport = generateReport(fileName, reportStatus, "Master Key vulnerability detected."); } if (extraFieldFound) { reportStatus = ToolStatus.FAIL; htmlReport = generateReport(fileName, reportStatus, "Extra Field vulnerability detected."); } if (!masterKeyFound && !extraFieldFound) { reportStatus = ToolStatus.PASS; htmlReport = generateReport(fileName, reportStatus, "No Master Key or Extra Field vulnerablity detected."); } // Write report file PrintWriter out = new PrintWriter(reportPath); out.write(htmlReport); out.close(); // Now send report sendReport(appId, reportStatus.name(), reportPath); boolean deleted = deleteFile(appFilePath); if (deleted) { log.debug("Deleted app " + appFilePath); } else { log.error("Could not delete app file " + appFilePath); } deleted = deleteFile(reportPath); if (deleted) { log.debug("Deleted report " + reportPath); } else { log.error("Could not delete report file " + reportPath); } // Clean up System.gc(); }
From source file:com.bruce.gogo.utils.JakartaMultiPartRequest.java
/** * Creates a new request wrapper to handle multi-part data using methods adapted from Jason Pell's * multipart classes (see class description). * * @param saveDir the directory to save off the file * @param servletRequest the request containing the multipart * @throws java.io.IOException is thrown if encoding fails. */// w ww . j a v a2 s . co m public void parse(HttpServletRequest servletRequest, String saveDir) throws IOException { DiskFileItemFactory fac = new DiskFileItemFactory(); // Make sure that the data is written to file fac.setSizeThreshold(0); if (saveDir != null) { fac.setRepository(new File(saveDir)); } // Parse the request try { ServletFileUpload upload = new ServletFileUpload(fac); upload.setSizeMax(maxSize); ProgressListener myProgressListener = new MyProgressListener(servletRequest); upload.setProgressListener(myProgressListener); List items = upload.parseRequest(createRequestContext(servletRequest)); for (Object item1 : items) { FileItem item = (FileItem) item1; if (LOG.isDebugEnabled()) LOG.debug("Found item " + item.getFieldName()); if (item.isFormField()) { LOG.debug("Item is a normal form field"); List<String> values; if (params.get(item.getFieldName()) != null) { values = params.get(item.getFieldName()); } else { values = new ArrayList<String>(); } // note: see http://jira.opensymphony.com/browse/WW-633 // basically, in some cases the charset may be null, so // we're just going to try to "other" method (no idea if this // will work) String charset = servletRequest.getCharacterEncoding(); if (charset != null) { values.add(item.getString(charset)); } else { values.add(item.getString()); } params.put(item.getFieldName(), values); } else { LOG.debug("Item is a file upload"); // Skip file uploads that don't have a file name - meaning that no file was selected. if (item.getName() == null || item.getName().trim().length() < 1) { LOG.debug("No file has been uploaded for the field: " + item.getFieldName()); continue; } List<FileItem> values; if (files.get(item.getFieldName()) != null) { values = files.get(item.getFieldName()); } else { values = new ArrayList<FileItem>(); } values.add(item); files.put(item.getFieldName(), values); } } } catch (FileUploadException e) { LOG.error("Unable to parse request", e); errors.add(e.getMessage()); } }
From source file:com.mingsoft.basic.servlet.UploadServlet.java
/** * ?post//w w w.ja v a2 s . c o m * @param req HttpServletRequest * @param res HttpServletResponse * @throws ServletException ? * @throws IOException ? */ @Override protected void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { res.setContentType("text/html;charset=utf-8"); PrintWriter out = res.getWriter(); String uploadPath = this.getServletContext().getRealPath(File.separator); // String isRename = "";// ???? true:??? String _tempPath = req.getServletContext().getRealPath(File.separator) + "temp";// FileUtil.createFolder(_tempPath); File tempPath = new File(_tempPath); // int maxSize = 1000000; // ??,?? 1000000/1024=0.9M //String allowedFile = ".jpg,.gif,.png,.zip"; // ? String deniedFile = ".exe,.com,.cgi,.asp"; // ?? DiskFileItemFactory factory = new DiskFileItemFactory(); // maximum size that will be stored in memory // ????? factory.setSizeThreshold(4096); // the location for saving data that is larger than getSizeThreshold() // ?SizeThreshold? factory.setRepository(tempPath); ServletFileUpload upload = new ServletFileUpload(factory); // maximum size before a FileUploadException will be thrown try { List fileItems = upload.parseRequest(req); Iterator iter = fileItems.iterator(); // ???? String regExp = ".+\\\\(.+)$"; // String[] errorType = deniedFile.split(","); Pattern p = Pattern.compile(regExp); String outPath = ""; //?? while (iter.hasNext()) { FileItem item = (FileItem) iter.next(); if (item.getFieldName().equals("uploadPath")) { outPath += item.getString(); uploadPath += outPath; } else if (item.getFieldName().equals("isRename")) { isRename = item.getString(); } else if (item.getFieldName().equals("maxSize")) { maxSize = Integer.parseInt(item.getString()) * 1048576; } else if (item.getFieldName().equals("allowedFile")) { // allowedFile = item.getString(); } else if (item.getFieldName().equals("deniedFile")) { deniedFile = item.getString(); } else if (!item.isFormField()) { // ??? String name = item.getName(); long size = item.getSize(); if ((name == null || name.equals("")) && size == 0) continue; try { // ?? 1000000/1024=0.9M upload.setSizeMax(maxSize); // ? // ? String fileName = System.currentTimeMillis() + name.substring(name.indexOf(".")); String savePath = uploadPath + File.separator; FileUtil.createFolder(savePath); // ??? if (StringUtil.isBlank(isRename) || Boolean.parseBoolean(isRename)) { savePath += fileName; outPath += fileName; } else { savePath += name; outPath += name; } item.write(new File(savePath)); out.print(outPath.trim()); logger.debug("upload file ok return path " + outPath); out.flush(); out.close(); } catch (Exception e) { this.logger.debug(e); } } } } catch (FileUploadException e) { this.logger.debug(e); } }
From source file:com.liteoc.bean.rule.FileUploadHelper.java
@SuppressWarnings("unchecked") private List<File> getFiles(HttpServletRequest request, ServletContext context, String dirToSaveUploadedFileIn) { List<File> files = new ArrayList<File>(); // FileCleaningTracker fileCleaningTracker = // FileCleanerCleanup.getFileCleaningTracker(context); // Create a factory for disk-based file items DiskFileItemFactory factory = new DiskFileItemFactory(); // Create a new file upload handler ServletFileUpload upload = new ServletFileUpload(factory); upload.setFileSizeMax(getFileProperties().getFileSizeMax()); try {//w w w . j a v a 2s . co m // Parse the request List<FileItem> items = upload.parseRequest(request); // Process the uploaded items Iterator<FileItem> iter = items.iterator(); while (iter.hasNext()) { FileItem item = iter.next(); if (item.isFormField()) { request.setAttribute(item.getFieldName(), item.getString()); // DO NOTHING , THIS SHOULD NOT BE Handled here } else { getFileProperties().isValidExtension(item.getName()); files.add(processUploadedFile(item, dirToSaveUploadedFileIn)); } } return files; } catch (FileSizeLimitExceededException slee) { throw new OpenClinicaSystemException("exceeds_permitted_file_size", new Object[] { String.valueOf(getFileProperties().getFileSizeMaxInMb()) }, slee.getMessage()); } catch (FileUploadException fue) { throw new OpenClinicaSystemException("file_upload_error_occured", new Object[] { fue.getMessage() }, fue.getMessage()); } }
From source file:gr.forth.ics.isl.x3mlEditor.upload.MultipartUploadParser.java
private DiskFileItemFactory setupFileItemFactory(File repository, ServletContext context) { DiskFileItemFactory factory = new DiskFileItemFactory(); factory.setSizeThreshold(DiskFileItemFactory.DEFAULT_SIZE_THRESHOLD); factory.setRepository(repository);/* w w w . ja v a 2s . co m*/ FileCleaningTracker pTracker = FileCleanerCleanup.getFileCleaningTracker(context); factory.setFileCleaningTracker(pTracker); return factory; }
From source file:controller.categoryServlet.java
@Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { PrintWriter out = response.getWriter(); request.setCharacterEncoding("utf-8"); response.setCharacterEncoding("utf-8"); String catimage = ""; String nameCategory = ""; String command = ""; int catogory_id = 0; String catogory_imagehidden = ""; String catogory_image = ""; if (!ServletFileUpload.isMultipartContent(request)) { // if not, we stop here PrintWriter writer = response.getWriter(); writer.println("Error: Form must has enctype=multipart/form-data."); writer.flush();/*from w w w . j a va 2s .c om*/ return; } // configures upload settings DiskFileItemFactory factory = new DiskFileItemFactory(); // sets memory threshold - beyond which files are stored in disk factory.setSizeThreshold(MEMORY_THRESHOLD); // sets temporary location to store files factory.setRepository(new File(System.getProperty("java.io.tmpdir"))); ServletFileUpload upload = new ServletFileUpload(factory); // sets maximum size of upload file upload.setFileSizeMax(MAX_FILE_SIZE); // sets maximum size of request (include file + form data) upload.setSizeMax(MAX_REQUEST_SIZE); // constructs the directory path to store upload file // this path is relative to application's directory String uploadPath = getServletContext().getRealPath("") + File.separator + UPLOAD_DIRECTORY; // creates the directory if it does not exist File uploadDir = new File(uploadPath); if (!uploadDir.exists()) { uploadDir.mkdir(); } try { // parses the request's content to extract file data @SuppressWarnings("unchecked") List<FileItem> formItems = upload.parseRequest(request); if (formItems != null && formItems.size() > 0) { // iterates over form's fields for (FileItem item : formItems) { // processes only fields that are not form fields if (!item.isFormField()) { catimage = new File(item.getName()).getName(); String filePath = uploadPath + File.separator + catimage; File storeFile = new File(filePath); item.write(storeFile); } else if (item.getFieldName().equals("name")) { nameCategory = item.getString(); } else if (item.getFieldName().equals("command")) { command = item.getString(); } else if (item.getFieldName().equals("catid")) { catogory_id = Integer.parseInt(item.getString()); } else if (item.getFieldName().equals("catogery_imagehidden")) { catogory_imagehidden = item.getString(); } } } } catch (Exception ex) { request.setAttribute("message", "There was an error: " + ex.getMessage()); } String url = "", error = ""; if (nameCategory.equals("")) { error = "Vui lng nhp tn danh mc!"; request.setAttribute("error", error); } HttpSession session = request.getSession(); try { if (error.length() == 0) { CategoryEntity c = new CategoryEntity(nameCategory, catimage); switch (command) { case "insert": if (cate.getListCategoryByName(nameCategory).size() > 0) { System.out.println("ten k "); out.println("ten k dc trung nhau"); out.flush(); return; } else { cate.insertCategory(c); request.setAttribute("er", "thanh cong"); url = "/java/admin/ql-category.jsp"; } break; case "update": if (cate.getListCategoryByName(nameCategory).size() > 0) { System.out.println("ten k "); out.println("ten k dc trung nhau"); out.flush(); return; } else { cate.updateCategory(nameCategory, catimage, catogory_id); url = "/java/admin/ql-category.jsp"; } break; } } else { url = "/java/admin/add-category.jsp"; } } catch (Exception e) { } response.sendRedirect(url); }
From source file:eionet.gdem.utils.MultipartFileUpload.java
/** * Constructor. Creates a new FileUploadAdapter object * @param uploadAtOnce Upload at once// w ww . j av a2 s . c o m */ public MultipartFileUpload(boolean uploadAtOnce) { // Create a factory for disk-based file items factory = new DiskFileItemFactory(); // Create a new file upload handler upload = new ServletFileUpload(factory); _params = new HashMap(); initEscapes(); this._uploadAtOnce = uploadAtOnce; }
From source file:com.github.glue.mvc.RequestHandler.java
private void init() { try {/*from w w w . j a v a2s . c o m*/ if (isMultipartContent(request)) { FileItemFactory itemFactory = new DiskFileItemFactory(); ServletFileUpload fileUpload = new ServletFileUpload(itemFactory); List<FileItem> items = fileUpload.parseRequest(request); for (FileItem fileItem : items) { if (fileItem.isFormField()) { parameters.put(fileItem.getFieldName(), new String[] { fileItem.getString(definition.getCharset()) }); } else { parameters.put(fileItem.getFieldName(), fileItem); } } } else { Map<String, String[]> paramteters = request.getParameterMap(); for (Map.Entry<String, String[]> item : paramteters.entrySet()) { String[] vars = item.getValue(); if (vars != null) { for (int i = 0; i < vars.length; i++) { vars[i] = new String(vars[i].getBytes("ISO-8859-1"), definition.getCharset()); } } parameters.put(item.getKey(), vars); } } } catch (Exception e) { throw new RuntimeException(e.getMessage(), e); } }
From source file:mx.edu.ittepic.proyectofinal.servlets.UploadFile.java
/** * Handles the HTTP <code>POST</code> method. * * @param request servlet request//from www . j a v a2s .c o m * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ @Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { boolean isMultipart = ServletFileUpload.isMultipartContent(request); // process only if it is multipart content if (isMultipart) { // Create a factory for disk-based file items FileItemFactory factory = new DiskFileItemFactory(); // Create a new file upload handler ServletFileUpload upload = new ServletFileUpload(factory); try { // Parse the request List<FileItem> multiparts = upload.parseRequest(request); for (FileItem item : multiparts) { if (!item.isFormField()) { String name = new File(item.getName()).getName(); item.write(new File(UPLOAD_DIRECTORY + File.separator + name)); } } } catch (Exception e) { e.printStackTrace(); } } }
From source file:controller.productServlet.java
@Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("utf-8"); response.setCharacterEncoding("utf-8"); String proimage = ""; String nameProduct = ""; double priceProduct = 0; String desProduct = ""; String colorProduct = ""; int years = 0; int catId = 0; int proid = 0; String command = ""; if (!ServletFileUpload.isMultipartContent(request)) { // if not, we stop here PrintWriter writer = response.getWriter(); writer.println("Error: Form must has enctype=multipart/form-data."); writer.flush();/*from www . jav a 2s. c o m*/ return; } // configures upload settings DiskFileItemFactory factory = new DiskFileItemFactory(); // sets memory threshold - beyond which files are stored in disk factory.setSizeThreshold(MEMORY_THRESHOLD); // sets temporary location to store files factory.setRepository(new File(System.getProperty("java.io.tmpdir"))); ServletFileUpload upload = new ServletFileUpload(factory); // sets maximum size of upload file upload.setFileSizeMax(MAX_FILE_SIZE); // sets maximum size of request (include file + form data) upload.setSizeMax(MAX_REQUEST_SIZE); // constructs the directory path to store upload file // this path is relative to application's directory String uploadPath = getServletContext().getRealPath("") + File.separator + UPLOAD_DIRECTORY; // creates the directory if it does not exist File uploadDir = new File(uploadPath); if (!uploadDir.exists()) { uploadDir.mkdir(); } try { // parses the request's content to extract file data @SuppressWarnings("unchecked") List<FileItem> formItems = upload.parseRequest(request); if (formItems != null && formItems.size() > 0) { // iterates over form's fields for (FileItem item : formItems) { // processes only fields that are not form fields if (!item.isFormField()) { proimage = new File(item.getName()).getName(); String filePath = uploadPath + File.separator + proimage; File storeFile = new File(filePath); System.out.println(proimage); item.write(storeFile); } else if (item.getFieldName().equals("name")) { nameProduct = item.getString(); } else if (item.getFieldName().equals("price")) { priceProduct = Double.parseDouble(item.getString()); } else if (item.getFieldName().equals("description")) { desProduct = item.getString(); System.out.println(desProduct); } else if (item.getFieldName().equals("color")) { colorProduct = item.getString(); } else if (item.getFieldName().equals("years")) { years = Integer.parseInt(item.getString()); } else if (item.getFieldName().equals("catogory_name")) { catId = Integer.parseInt(item.getString()); } else if (item.getFieldName().equals("command")) { command = item.getString(); } else if (item.getFieldName().equals("proid")) { proid = Integer.parseInt(item.getString()); } } } } catch (Exception ex) { request.setAttribute("message", "There was an error: " + ex.getMessage()); } String url = "", error = ""; if (nameProduct.equals("")) { error = "Vui lng nhp tn danh mc!"; request.setAttribute("error", error); } try { if (error.length() == 0) { ProductEntity p = new ProductEntity(catId, nameProduct, priceProduct, proimage, desProduct, colorProduct, years); switch (command) { case "insert": prod.insertProduct(p); url = "/java/admin/ql-product.jsp"; break; case "update": prod.updateProduct(catId, nameProduct, priceProduct, proimage, desProduct, colorProduct, years, proid); url = "/java/admin/ql-product.jsp"; break; } } else { url = "/java/admin/add-product.jsp"; } } catch (Exception e) { } response.sendRedirect(url); }