Example usage for org.jfree.chart.servlet ServletUtilities searchReplace

List of usage examples for org.jfree.chart.servlet ServletUtilities searchReplace

  1. HOME
  2. Java
  3. org.jfree
  4. org.jfree.chart.servlet.*
  5. ServletUtilities
  6. searchReplace

Introduction

In this page you can find the example usage for org.jfree.chart.servlet ServletUtilities searchReplace.

Prototype

public static String searchReplace(String inputString, String searchString, String replaceString)

Source Link

Document

Perform a search/replace operation on a String There are String methods to do this since (JDK 1.4)

Usage

From source file:edu.sc.seis.receiverFunction.web.MyDisplayChart.java

/**
 * Service method./*ww  w.ja  v  a 2s .com*/
 *
 * @param request  the request.
 * @param response  the response.
 *
 * @throws ServletException ??.
 * @throws IOException ??.
 */
public void service(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {

    HttpSession session = request.getSession();
    String filename = request.getParameter("filename");

    if (filename == null) {
        throw new ServletException("Parameter 'filename' must be supplied");
    }
    logger.debug("service :" + filename);
    //  Replace ".." with ""
    //  This is to prevent access to the rest of the file system
    filename = ServletUtilities.searchReplace(filename, "..", "");

    //  Check the file exists
    File file = new File(System.getProperty("java.io.tmpdir"), filename);
    if (!file.exists()) {
        throw new ServletException("File '" + file.getAbsolutePath() + "' does not exist");
    }

    //  Check that the graph being served was created by the current user
    //  or that it begins with "public"
    boolean isChartInUserList = false;
    ChartDeleter chartDeleter = (ChartDeleter) session.getAttribute("JFreeChart_Deleter");
    if (chartDeleter != null) {
        isChartInUserList = chartDeleter.isChartAvailable(filename);
    }

    boolean isChartPublic = false;
    if (filename.length() >= 6) {
        if (filename.substring(0, 6).equals("public")) {
            isChartPublic = true;
        }
    }

    boolean isOneTimeChart = false;
    if (filename.startsWith(ServletUtilities.getTempOneTimeFilePrefix())) {
        isOneTimeChart = true;
    }
    //
    // WARNING: HACK AHEAD!!!!!
    //
    // this is dumb, but since all ears charts are public and one time, just serve it
    // I think the upgrade to jetty8 caused the http to no longer have sessions, so
    // the default DisplayChart servlet had all three of 
    // isChartInUserList || isChartPublic || isOneTimeChart false, and
    // so no image was served. Progress! :(
    isOneTimeChart = true;

    if (isChartInUserList || isChartPublic || isOneTimeChart) {
        //  Serve it up
        logger.debug("sending " + file);
        ServletUtilities.sendTempFile(file, response);
        if (isOneTimeChart) {
            logger.debug("delelte " + file);
            file.delete();
        }
    } else {
        logger.error("chart image not found " + filename);
        throw new ServletException("Chart image not found");
    }
    return;
}

From source file:nl.wur.plantbreeding.jfreechart.DisplayChart.java

/**
 * Service method./*from  w w  w .  ja  v  a 2  s. c o m*/
 *
 * @param request  the request.
 * @param response  the response.
 *
 * @throws ServletException ??.
 * @throws IOException ??.
 */
@Override
public void service(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {

    HttpSession session = request.getSession();
    String filename = request.getParameter("filename");

    if (filename == null) {
        throw new ServletException("Parameter 'filename' must be supplied");
    }

    //  Replace ".." with ""
    //  This is to prevent access to the rest of the file system
    filename = ServletUtilities.searchReplace(filename, "..", "");

    //  Check the file exists
    File file = new File(System.getProperty("java.io.tmpdir"), filename);
    if (!file.exists()) {
        throw new ServletException("File '" + file.getAbsolutePath() + "' does not exist");
    }

    //  Check that the graph being served was created by the current user
    //  or that it begins with "public"
    //Fixme: set tot true to override. Like this, we can use the class to
    //show also our own images. This imposes likely a security thread.
    //Fix this for the future
    boolean isChartInUserList = true;
    ChartDeleter chartDeleter = (ChartDeleter) session.getAttribute("JFreeChart_Deleter");
    if (chartDeleter != null) {
        isChartInUserList = chartDeleter.isChartAvailable(filename);
    }

    boolean isChartPublic = false;
    if (filename.length() >= 6) {
        if (filename.substring(0, 6).equals("public")) {
            isChartPublic = true;
        }
        //FIXME: override of security checks as plots are not always shown
        isChartPublic = true;
    }

    boolean isOneTimeChart = false;
    if (filename.startsWith(ServletUtilities.getTempOneTimeFilePrefix())) {
        isOneTimeChart = true;
    }

    LOG.log(Level.WARNING,
            "Displaychart: " + "ChartInUserList: {0} " + "ChartPublic: {1} " + "OneTimeChart: {2}",
            new Object[] { isChartInUserList, isChartPublic, isOneTimeChart });

    if (isChartInUserList || isChartPublic || isOneTimeChart) {
        //  Serve it up
        ServletUtilities.sendTempFile(file, response);
        if (isOneTimeChart) {
            file.delete();
        }
    } else {
        throw new ServletException("Chart image not found");
    }
    return;
}