List of usage examples for org.jfree.chart.servlet ServletUtilities searchReplace
public static String searchReplace(String inputString, String searchString, String replaceString)
From source file:edu.sc.seis.receiverFunction.web.MyDisplayChart.java
/** * Service method./*ww w.ja v a 2s .com*/ * * @param request the request. * @param response the response. * * @throws ServletException ??. * @throws IOException ??. */ public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(); String filename = request.getParameter("filename"); if (filename == null) { throw new ServletException("Parameter 'filename' must be supplied"); } logger.debug("service :" + filename); // Replace ".." with "" // This is to prevent access to the rest of the file system filename = ServletUtilities.searchReplace(filename, "..", ""); // Check the file exists File file = new File(System.getProperty("java.io.tmpdir"), filename); if (!file.exists()) { throw new ServletException("File '" + file.getAbsolutePath() + "' does not exist"); } // Check that the graph being served was created by the current user // or that it begins with "public" boolean isChartInUserList = false; ChartDeleter chartDeleter = (ChartDeleter) session.getAttribute("JFreeChart_Deleter"); if (chartDeleter != null) { isChartInUserList = chartDeleter.isChartAvailable(filename); } boolean isChartPublic = false; if (filename.length() >= 6) { if (filename.substring(0, 6).equals("public")) { isChartPublic = true; } } boolean isOneTimeChart = false; if (filename.startsWith(ServletUtilities.getTempOneTimeFilePrefix())) { isOneTimeChart = true; } // // WARNING: HACK AHEAD!!!!! // // this is dumb, but since all ears charts are public and one time, just serve it // I think the upgrade to jetty8 caused the http to no longer have sessions, so // the default DisplayChart servlet had all three of // isChartInUserList || isChartPublic || isOneTimeChart false, and // so no image was served. Progress! :( isOneTimeChart = true; if (isChartInUserList || isChartPublic || isOneTimeChart) { // Serve it up logger.debug("sending " + file); ServletUtilities.sendTempFile(file, response); if (isOneTimeChart) { logger.debug("delelte " + file); file.delete(); } } else { logger.error("chart image not found " + filename); throw new ServletException("Chart image not found"); } return; }
From source file:nl.wur.plantbreeding.jfreechart.DisplayChart.java
/** * Service method./*from w w w . ja v a 2 s. c o m*/ * * @param request the request. * @param response the response. * * @throws ServletException ??. * @throws IOException ??. */ @Override public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(); String filename = request.getParameter("filename"); if (filename == null) { throw new ServletException("Parameter 'filename' must be supplied"); } // Replace ".." with "" // This is to prevent access to the rest of the file system filename = ServletUtilities.searchReplace(filename, "..", ""); // Check the file exists File file = new File(System.getProperty("java.io.tmpdir"), filename); if (!file.exists()) { throw new ServletException("File '" + file.getAbsolutePath() + "' does not exist"); } // Check that the graph being served was created by the current user // or that it begins with "public" //Fixme: set tot true to override. Like this, we can use the class to //show also our own images. This imposes likely a security thread. //Fix this for the future boolean isChartInUserList = true; ChartDeleter chartDeleter = (ChartDeleter) session.getAttribute("JFreeChart_Deleter"); if (chartDeleter != null) { isChartInUserList = chartDeleter.isChartAvailable(filename); } boolean isChartPublic = false; if (filename.length() >= 6) { if (filename.substring(0, 6).equals("public")) { isChartPublic = true; } //FIXME: override of security checks as plots are not always shown isChartPublic = true; } boolean isOneTimeChart = false; if (filename.startsWith(ServletUtilities.getTempOneTimeFilePrefix())) { isOneTimeChart = true; } LOG.log(Level.WARNING, "Displaychart: " + "ChartInUserList: {0} " + "ChartPublic: {1} " + "OneTimeChart: {2}", new Object[] { isChartInUserList, isChartPublic, isOneTimeChart }); if (isChartInUserList || isChartPublic || isOneTimeChart) { // Serve it up ServletUtilities.sendTempFile(file, response); if (isOneTimeChart) { file.delete(); } } else { throw new ServletException("Chart image not found"); } return; }