How to close a window without prompt?
For servlet:
out.println (”<script>”);
out.println (”window.opener = top;”);
out.println (”window.close()”);
out.println (”</script>”);
For html or jsp:
<script>
window.opener = top;
window.close();
</script>
Following is the program for browsing through PC files and folders.
Using this program, we can move,delete,rename,create files nad directories.
The following program can be run using Tomcat server 4,5,6 versions.
Browser.jsp:
<%–
jsp File browser 1.2
Copyright (C) 2003-2006 Boris von Loesch
This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2 of the License, or (at your option)
any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
this program; if not, write to the
Free Software Foundation, Inc.,
59 Temple Place, Suite 330,
Boston, MA 02111-1307 USA
- Description: jsp File browser v1.2 — This JSP program allows remote web-based
file access and manipulation. You can copy, create, move and delete files.
Text files can be edited and groups of files and folders can be downloaded
as a single zip file that’s created on the fly.
- Credits: Taylor Bastien, David Levine, David Cowan, Lieven Govaerts
–%>
<%@page import=”java.util.*,
java.net.*,
java.text.*,
java.util.zip.*,
java.io.*”
%>
<%!
//FEATURES
private static final boolean NATIVE_COMMANDS = true;
/**
*If true, all operations (besides upload and native commands)
*which change something on the file system are permitted
*/
private static final boolean READ_ONLY = false;
//If true, uploads are allowed even if READ_ONLY = true
private static final boolean ALLOW_UPLOAD = true;
//Allow browsing and file manipulation only in certain directories
private static final boolean RESTRICT_BROWSING = false;
//If true, the user is allowed to browse only in RESTRICT_PATH,
//if false, the user is allowed to browse all directories besides RESTRICT_PATH
private static final boolean RESTRICT_WHITELIST = false;
//Paths, sperated by semicolon
//private static final String RESTRICT_PATH = “C:\\CODE;E:\\”; //Win32: Case important!!
private static final String RESTRICT_PATH = “/etc;/var”;
//The refresh time in seconds of the upload monitor window
private static final int UPLOAD_MONITOR_REFRESH = 2;
//The number of colums for the edit field
private static final int EDITFIELD_COLS = 85;
//The number of rows for the edit field
private static final int EDITFIELD_ROWS = 30;
//Open a new window to view a file
private static final boolean USE_POPUP = true;
/**
* If USE_DIR_PREVIEW = true, then for every directory a tooltip will be
* created (hold the mouse over the link) with the first DIR_PREVIEW_NUMBER entries.
* This can yield to performance issues. Turn it off, if the directory loads to slow.
*/
private static final boolean USE_DIR_PREVIEW = false;
private static final int DIR_PREVIEW_NUMBER = 10;
/**
* The name of an optional CSS Stylesheet file
*/
private static final String CSS_NAME = “Browser.css”;
/**
* The compression level for zip file creation (0-9)
* 0 = No compression
* 1 = Standard compression (Very fast)
* …
* 9 = Best compression (Very slow)
*/
private static final int COMPRESSION_LEVEL = 1;
/**
* The FORBIDDEN_DRIVES are not displayed on the list. This can be usefull, if the
* server runs on a windows platform, to avoid a message box, if you try to access
* an empty removable drive (See KNOWN BUGS in Readme.txt).
*/
private static final String[] FORBIDDEN_DRIVES = {”a:\\”};
/**
* Command of the shell interpreter and the parameter to run a programm
*/
private static final String[] COMMAND_INTERPRETER = {”cmd”, “/C”}; // Dos,Windows
//private static final String[] COMMAND_INTERPRETER = {”/bin/sh”,”-c”}; // Unix
/**
* Max time in ms a process is allowed to run, before it will be terminated
*/
private static final long MAX_PROCESS_RUNNING_TIME = 30 * 1000; //30 seconds
//Button names
private static final String SAVE_AS_ZIP = “Download selected files as (z)ip”;
private static final String RENAME_FILE = “(R)ename File”;
private static final String DELETE_FILES = “(Del)ete selected files”;
private static final String CREATE_DIR = “Create (D)ir”;
private static final String CREATE_FILE = “(C)reate File”;
private static final String MOVE_FILES = “(M)ove Files”;
private static final String COPY_FILES = “Cop(y) Files”;
private static final String LAUNCH_COMMAND = “(L)aunch external program”;
private static final String UPLOAD_FILES = “Upload”;
//Normally you should not change anything after this line
//———————————————————————————-
//Change this to locate the tempfile directory for upload (not longer needed)
private static String tempdir = “.”;
private static String VERSION_NR = “1.2″;
private static DateFormat dateFormat = DateFormat.getDateTimeInstance();
public class UplInfo {
public long totalSize;
public long currSize;
public long starttime;
public boolean aborted;
public UplInfo() {
totalSize = 0l;
currSize = 0l;
starttime = System.currentTimeMillis();
aborted = false;
}
public UplInfo(int size) {
totalSize = size;
currSize = 0;
starttime = System.currentTimeMillis();
aborted = false;
}
public String getUprate() {
long time = System.currentTimeMillis() – starttime;
if (time != 0) {
long uprate = currSize * 1000 / time;
return convertFileSize(uprate) + “/s”;
}
else return “n/a”;
}
public int getPercent() {
if (totalSize == 0) return 0;
else return (int) (currSize * 100 / totalSize);
}
public String getTimeElapsed() {
long time = (System.currentTimeMillis() – starttime) / 1000l;
if (time – 60l >= 0){
if (time % 60 >=10) return time / 60 + “:” + (time % 60) + “m”;
else return time / 60 + “:0″ + (time % 60) + “m”;
}
else return time<10 ? “0″ + time + “s”: time + “s”;
}
public String getTimeEstimated() {
if (currSize == 0) return “n/a”;
long time = System.currentTimeMillis() – starttime;
time = totalSize * time / currSize;
time /= 1000l;
if (time – 60l >= 0){
if (time % 60 >=10) return time / 60 + “:” + (time % 60) + “m”;
else return time / 60 + “:0″ + (time % 60) + “m”;
}
else return time<10 ? “0″ + time + “s”: time + “s”;
}
}
public class FileInfo {
public String name = null, clientFileName = null, fileContentType = null;
private byte[] fileContents = null;
public File file = null;
public StringBuffer sb = new StringBuffer(100);
public void setFileContents(byte[] aByteArray) {
fileContents = new byte[aByteArray.length];
System.arraycopy(aByteArray, 0, fileContents, 0, aByteArray.length);
}
}
public static class UploadMonitor {
static Hashtable uploadTable = new Hashtable();
static void set(String fName, UplInfo info) {
uploadTable.put(fName, info);
}
static void remove(String fName) {
uploadTable.remove(fName);
}
static UplInfo getInfo(String fName) {
UplInfo info = (UplInfo) uploadTable.get(fName);
return info;
}
}
// A Class with methods used to process a ServletInputStream
public class HttpMultiPartParser {
//private final String lineSeparator = System.getProperty(”line.separator”, “\n”);
private final int ONE_MB = 1024 * 1;
public Hashtable processData(ServletInputStream is, String boundary, String saveInDir,
int clength) throws IllegalArgumentException, IOException {
if (is == null) throw new IllegalArgumentException(”InputStream”);
if (boundary == null || boundary.trim().length() < 1) throw new IllegalArgumentException(
“\”" + boundary + “\” is an illegal boundary indicator”);
boundary = “–” + boundary;
StringTokenizer stLine = null, stFields = null;
FileInfo fileInfo = null;
Hashtable dataTable = new Hashtable(5);
String line = null, field = null, paramName = null;
boolean saveFiles = (saveInDir != null && saveInDir.trim().length() > 0);
boolean isFile = false;
if (saveFiles) { // Create the required directory (including parent dirs)
File f = new File(saveInDir);
f.mkdirs();
}
line = getLine(is);
if (line == null || !line.startsWith(boundary)) throw new IOException(
“Boundary not found; boundary = ” + boundary + “, line = ” + line);
while (line != null) {
if (line == null || !line.startsWith(boundary)) return dataTable;
line = getLine(is);
if (line == null) return dataTable;
stLine = new StringTokenizer(line, “;\r\n”);
if (stLine.countTokens() < 2) throw new IllegalArgumentException(
“Bad data in second line”);
line = stLine.nextToken().toLowerCase();
if (line.indexOf(”form-data”) < 0) throw new IllegalArgumentException(
“Bad data in second line”);
stFields = new StringTokenizer(stLine.nextToken(), “=\”");
if (stFields.countTokens() < 2) throw new IllegalArgumentException(
“Bad data in second line”);
fileInfo = new FileInfo();
stFields.nextToken();
paramName = stFields.nextToken();
isFile = false;
if (stLine.hasMoreTokens()) {
field = stLine.nextToken();
stFields = new StringTokenizer(field, “=\”");
if (stFields.countTokens() > 1) {
if (stFields.nextToken().trim().equalsIgnoreCase(”filename”)) {
fileInfo.name = paramName;
String value = stFields.nextToken();
if (value != null && value.trim().length() > 0) {
fileInfo.clientFileName = value;
isFile = true;
}
else {
line = getLine(is); // Skip “Content-Type:” line
line = getLine(is); // Skip blank line
line = getLine(is); // Skip blank line
line = getLine(is); // Position to boundary line
continue;
}
}
}
else if (field.toLowerCase().indexOf(”filename”) >= 0) {
line = getLine(is); // Skip “Content-Type:” line
line = getLine(is); // Skip blank line
line = getLine(is); // Skip blank line
line = getLine(is); // Position to boundary line
continue;
}
}
boolean skipBlankLine = true;
if (isFile) {
line = getLine(is);
if (line == null) return dataTable;
if (line.trim().length() < 1) skipBlankLine = false;
else {
stLine = new StringTokenizer(line, “: “);
if (stLine.countTokens() < 2) throw new IllegalArgumentException(
“Bad data in third line”);
stLine.nextToken(); // Content-Type
fileInfo.fileContentType = stLine.nextToken();
}
}
if (skipBlankLine) {
line = getLine(is);
if (line == null) return dataTable;
}
if (!isFile) {
line = getLine(is);
if (line == null) return dataTable;
dataTable.put(paramName, line);
// If parameter is dir, change saveInDir to dir
if (paramName.equals(”dir”)) saveInDir = line;
line = getLine(is);
continue;
}
try {
UplInfo uplInfo = new UplInfo(clength);
UploadMonitor.set(fileInfo.clientFileName, uplInfo);
OutputStream os = null;
String path = null;
if (saveFiles) os = new FileOutputStream(path = getFileName(saveInDir,
fileInfo.clientFileName));
else os = new ByteArrayOutputStream(ONE_MB);
boolean readingContent = true;
byte previousLine[] = new byte[2 * ONE_MB];
byte temp[] = null;
byte currentLine[] = new byte[2 * ONE_MB];
int read, read3;
if ((read = is.readLine(previousLine, 0, previousLine.length)) == -1) {
line = null;
break;
}
while (readingContent) {
if ((read3 = is.readLine(currentLine, 0, currentLine.length)) == -1) {
line = null;
uplInfo.aborted = true;
break;
}
if (compareBoundary(boundary, currentLine)) {
os.write(previousLine, 0, read – 2);
line = new String(currentLine, 0, read3);
break;
}
else {
os.write(previousLine, 0, read);
uplInfo.currSize += read;
temp = currentLine;
currentLine = previousLine;
previousLine = temp;
read = read3;
}//end else
}//end while
os.flush();
os.close();
if (!saveFiles) {
ByteArrayOutputStream baos = (ByteArrayOutputStream) os;
fileInfo.setFileContents(baos.toByteArray());
}
else fileInfo.file = new File(path);
dataTable.put(paramName, fileInfo);
uplInfo.currSize = uplInfo.totalSize;
}//end try
catch (IOException e) {
throw e;
}
}
return dataTable;
}
/**
* Compares boundary string to byte array
*/
private boolean compareBoundary(String boundary, byte ba[]) {
if (boundary == null || ba == null) return false;
for (int i = 0; i < boundary.length(); i++)
if ((byte) boundary.charAt(i) != ba[i]) return false;
return true;
}
/** Convenience method to read HTTP header lines */
private synchronized String getLine(ServletInputStream sis) throws IOException {
byte b[] = new byte[1024];
int read = sis.readLine(b, 0, b.length), index;
String line = null;
if (read != -1) {
line = new String(b, 0, read);
if ((index = line.indexOf(’\n’)) >= 0) line = line.substring(0, index – 1);
}
return line;
}
public String getFileName(String dir, String fileName) throws IllegalArgumentException {
String path = null;
if (dir == null || fileName == null) throw new IllegalArgumentException(
“dir or fileName is null”);
int index = fileName.lastIndexOf(’/');
String name = null;
if (index >= 0) name = fileName.substring(index + 1);
else name = fileName;
index = name.lastIndexOf(’\\’);
if (index >= 0) fileName = name.substring(index + 1);
path = dir + File.separator + fileName;
if (File.separatorChar == ‘/’) return path.replace(’\\’, File.separatorChar);
else return path.replace(’/', File.separatorChar);
}
} //End of class HttpMultiPartParser
/**
* This class is a comparator to sort the filenames and dirs
*/
class FileComp implements Comparator {
int mode;
int sign;
FileComp() {
this.mode = 1;
this.sign = 1;
}
/**
* @param mode sort by 1=Filename, 2=Size, 3=Date, 4=Type
* The default sorting method is by Name
* Negative mode means descending sort
*/
FileComp(int mode) {
if (mode < 0) {
this.mode = -mode;
sign = -1;
}
else {
this.mode = mode;
this.sign = 1;
}
}
public int compare(Object o1, Object o2) {
File f1 = (File) o1;
File f2 = (File) o2;
if (f1.isDirectory()) {
if (f2.isDirectory()) {
switch (mode) {
//Filename or Type
case 1:
case 4:
return sign
* f1.getAbsolutePath().toUpperCase().compareTo(
f2.getAbsolutePath().toUpperCase());
//Filesize
case 2:
return sign * (new Long(f1.length()).compareTo(new Long(f2.length())));
//Date
case 3:
return sign
* (new Long(f1.lastModified())
.compareTo(new Long(f2.lastModified())));
default:
return 1;
}
}
else return -1;
}
else if (f2.isDirectory()) return 1;
else {
switch (mode) {
case 1:
return sign
* f1.getAbsolutePath().toUpperCase().compareTo(
f2.getAbsolutePath().toUpperCase());
case 2:
return sign * (new Long(f1.length()).compareTo(new Long(f2.length())));
case 3:
return sign
* (new Long(f1.lastModified()).compareTo(new Long(f2.lastModified())));
case 4: { // Sort by extension
int tempIndexf1 = f1.getAbsolutePath().lastIndexOf(’.');
int tempIndexf2 = f2.getAbsolutePath().lastIndexOf(’.');
if ((tempIndexf1 == -1) && (tempIndexf2 == -1)) { // Neither have an extension
return sign
* f1.getAbsolutePath().toUpperCase().compareTo(
f2.getAbsolutePath().toUpperCase());
}
// f1 has no extension
else if (tempIndexf1 == -1) return -sign;
// f2 has no extension
else if (tempIndexf2 == -1) return sign;
// Both have an extension
else {
String tempEndf1 = f1.getAbsolutePath().toUpperCase()
.substring(tempIndexf1);
String tempEndf2 = f2.getAbsolutePath().toUpperCase()
.substring(tempIndexf2);
return sign * tempEndf1.compareTo(tempEndf2);
}
}
default:
return 1;
}
}
}
}
/**
* Wrapperclass to wrap an OutputStream around a Writer
*/
class Writer2Stream extends OutputStream {
Writer out;
Writer2Stream(Writer w) {
super();
out = w;
}
public void write(int i) throws IOException {
out.write(i);
}
public void write(byte[] b) throws IOException {
for (int i = 0; i < b.length; i++) {
int n = b[i];
//Convert byte to ubyte
n = ((n >>> 4) & 0xF) * 16 + (n & 0xF);
out.write(n);
}
}
public void write(byte[] b, int off, int len) throws IOException {
for (int i = off; i < off + len; i++) {
int n = b[i];
n = ((n >>> 4) & 0xF) * 16 + (n & 0xF);
out.write(n);
}
}
} //End of class Writer2Stream
static Vector expandFileList(String[] files, boolean inclDirs) {
Vector v = new Vector();
if (files == null) return v;
for (int i = 0; i < files.length; i++)
v.add(new File(URLDecoder.decode(files[i])));
for (int i = 0; i < v.size(); i++) {
File f = (File) v.get(i);
if (f.isDirectory()) {
File[] fs = f.listFiles();
for (int n = 0; n < fs.length; n++)
v.add(fs[n]);
if (!inclDirs) {
v.remove(i);
i–;
}
}
}
return v;
}
/**
* Method to build an absolute path
* @param dir the root dir
* @param name the name of the new directory
* @return if name is an absolute directory, returns name, else returns dir+name
*/
static String getDir(String dir, String name) {
if (!dir.endsWith(File.separator)) dir = dir + File.separator;
File mv = new File(name);
String new_dir = null;
if (!mv.isAbsolute()) {
new_dir = dir + name;
}
else new_dir = name;
return new_dir;
}
/**
* This Method converts a byte size in a kbytes or Mbytes size, depending on the size
* @param size The size in bytes
* @return String with size and unit
*/
static String convertFileSize(long size) {
int divisor = 1;
String unit = “bytes”;
if (size >= 1024 * 1024) {
divisor = 1024 * 1024;
unit = “MB”;
}
else if (size >= 1024) {
divisor = 1024;
unit = “KB”;
}
if (divisor == 1) return size / divisor + ” ” + unit;
String aftercomma = “” + 100 * (size % divisor) / divisor;
if (aftercomma.length() == 1) aftercomma = “0″ + aftercomma;
return size / divisor + “.” + aftercomma + ” ” + unit;
}
/**
* Copies all data from in to out
* @param in the input stream
* @param out the output stream
* @param buffer copy buffer
*/
static void copyStreams(InputStream in, OutputStream out, byte[] buffer) throws IOException {
copyStreamsWithoutClose(in, out, buffer);
in.close();
out.close();
}
/**
* Copies all data from in to out
* @param in the input stream
* @param out the output stream
* @param buffer copy buffer
*/
static void copyStreamsWithoutClose(InputStream in, OutputStream out, byte[] buffer)
throws IOException {
int b;
while ((b = in.read(buffer)) != -1)
out.write(buffer, 0, b);
}
/**
* Returns the Mime Type of the file, depending on the extension of the filename
*/
static String getMimeType(String fName) {
fName = fName.toLowerCase();
if (fName.endsWith(”.jpg”) || fName.endsWith(”.jpeg”) || fName.endsWith(”.jpe”)) return “image/jpeg”;
else if (fName.endsWith(”.gif”)) return “image/gif”;
else if (fName.endsWith(”.pdf”)) return “application/pdf”;
else if (fName.endsWith(”.htm”) || fName.endsWith(”.html”) || fName.endsWith(”.shtml”)) return “text/html”;
else if (fName.endsWith(”.avi”)) return “video/x-msvideo”;
else if (fName.endsWith(”.mov”) || fName.endsWith(”.qt”)) return “video/quicktime”;
else if (fName.endsWith(”.mpg”) || fName.endsWith(”.mpeg”) || fName.endsWith(”.mpe”)) return “video/mpeg”;
else if (fName.endsWith(”.zip”)) return “application/zip”;
else if (fName.endsWith(”.tiff”) || fName.endsWith(”.tif”)) return “image/tiff”;
else if (fName.endsWith(”.rtf”)) return “application/rtf”;
else if (fName.endsWith(”.mid”) || fName.endsWith(”.midi”)) return “audio/x-midi”;
else if (fName.endsWith(”.xl”) || fName.endsWith(”.xls”) || fName.endsWith(”.xlv”)
|| fName.endsWith(”.xla”) || fName.endsWith(”.xlb”) || fName.endsWith(”.xlt”)
|| fName.endsWith(”.xlm”) || fName.endsWith(”.xlk”)) return “application/excel”;
else if (fName.endsWith(”.doc”) || fName.endsWith(”.dot”)) return “application/msword”;
else if (fName.endsWith(”.png”)) return “image/png”;
else if (fName.endsWith(”.xml”)) return “text/xml”;
else if (fName.endsWith(”.svg”)) return “image/svg+xml”;
else if (fName.endsWith(”.mp3″)) return “audio/mp3″;
else if (fName.endsWith(”.ogg”)) return “audio/ogg”;
else return “text/plain”;
}
/**
* Converts some important chars (int) to the corresponding html string
*/
static String conv2Html(int i) {
if (i == ‘&’) return “&”;
else if (i == ‘<’) return “<”;
else if (i == ‘>’) return “>”;
else if (i == ‘”‘) return “"”;
else return “” + (char) i;
}
/**
* Converts a normal string to a html conform string
*/
static String conv2Html(String st) {
StringBuffer buf = new StringBuffer();
for (int i = 0; i < st.length(); i++) {
buf.append(conv2Html(st.charAt(i)));
}
return buf.toString();
}
/**
* Starts a native process on the server
* @param command the command to start the process
* @param dir the dir in which the process starts
*/
static String startProcess(String command, String dir) throws IOException {
StringBuffer ret = new StringBuffer();
String[] comm = new String[3];
comm[0] = COMMAND_INTERPRETER[0];
comm[1] = COMMAND_INTERPRETER[1];
comm[2] = command;
long start = System.currentTimeMillis();
try {
//Start process
Process ls_proc = Runtime.getRuntime().exec(comm, null, new File(dir));
//Get input and error streams
BufferedInputStream ls_in = new BufferedInputStream(ls_proc.getInputStream());
BufferedInputStream ls_err = new BufferedInputStream(ls_proc.getErrorStream());
boolean end = false;
while (!end) {
int c = 0;
while ((ls_err.available() > 0) && (++c <= 1000)) {
ret.append(conv2Html(ls_err.read()));
}
c = 0;
while ((ls_in.available() > 0) && (++c <= 1000)) {
ret.append(conv2Html(ls_in.read()));
}
try {
ls_proc.exitValue();
//if the process has not finished, an exception is thrown
//else
while (ls_err.available() > 0)
ret.append(conv2Html(ls_err.read()));
while (ls_in.available() > 0)
ret.append(conv2Html(ls_in.read()));
end = true;
}
catch (IllegalThreadStateException ex) {
//Process is running
}
//The process is not allowed to run longer than given time.
if (System.currentTimeMillis() – start > MAX_PROCESS_RUNNING_TIME) {
ls_proc.destroy();
end = true;
ret.append(”!!!! Process has timed out, destroyed !!!!!”);
}
try {
Thread.sleep(50);
}
catch (InterruptedException ie) {}
}
}
catch (IOException e) {
ret.append(”Error: ” + e);
}
return ret.toString();
}
/**
* Converts a dir string to a linked dir string
* @param dir the directory string (e.g. /usr/local/httpd)
* @param browserLink web-path to Browser.jsp
*/
static String dir2linkdir(String dir, String browserLink, int sortMode) {
File f = new File(dir);
StringBuffer buf = new StringBuffer();
while (f.getParentFile() != null) {
if (f.canRead()) {
String encPath = URLEncoder.encode(f.getAbsolutePath());
buf.insert(0, “<a href=\”" + browserLink + “?sort=” + sortMode + “&dir=”
+ encPath + “\”>” + conv2Html(f.getName()) + File.separator + “</a>”);
}
else buf.insert(0, conv2Html(f.getName()) + File.separator);
f = f.getParentFile();
}
if (f.canRead()) {
String encPath = URLEncoder.encode(f.getAbsolutePath());
buf.insert(0, “<a href=\”" + browserLink + “?sort=” + sortMode + “&dir=” + encPath
+ “\”>” + conv2Html(f.getAbsolutePath()) + “</a>”);
}
else buf.insert(0, f.getAbsolutePath());
return buf.toString();
}
/**
* Returns true if the given filename tends towards a packed file
*/
static boolean isPacked(String name, boolean gz) {
return (name.toLowerCase().endsWith(”.zip”) || name.toLowerCase().endsWith(”.jar”)
|| (gz && name.toLowerCase().endsWith(”.gz”)) || name.toLowerCase()
.endsWith(”.war”));
}
/**
* If RESTRICT_BROWSING = true this method checks, whether the path is allowed or not
*/
static boolean isAllowed(File path, boolean write) throws IOException{
if (READ_ONLY && write) return false;
if (RESTRICT_BROWSING) {
StringTokenizer stk = new StringTokenizer(RESTRICT_PATH, “;”);
while (stk.hasMoreTokens()){
if (path!=null && path.getCanonicalPath().startsWith(stk.nextToken()))
return RESTRICT_WHITELIST;
}
return !RESTRICT_WHITELIST;
}
else return true;
}
//—————————————————————————————————————
%>
<%
//Get the current browsing directory
request.setAttribute(”dir”, request.getParameter(”dir”));
// The browser_name variable is used to keep track of the URI
// of the jsp file itself. It is used in all link-backs.
final String browser_name = request.getRequestURI();
final String FOL_IMG = “”;
boolean nohtml = false;
boolean dir_view = true;
//Get Javascript
if (request.getParameter(”Javascript”) != null) {
dir_view = false;
nohtml = true;
//Tell the browser that it should cache the javascript
response.setHeader(”Cache-Control”, “public”);
Date now = new Date();
SimpleDateFormat sdf = new SimpleDateFormat(”EEE, d MMM yyyy HH:mm:ss z”, Locale.US);
response.setHeader(”Expires”, sdf.format(new Date(now.getTime() + 1000 * 60 * 60 * 24*2)));
response.setHeader(”Content-Type”, “text/javascript”);
%>
<%// This section contains the Javascript used for interface elements %>
var check = false;
<%// Disables the checkbox feature %>
function dis(){check = true;}
var DOM = 0, MS = 0, OP = 0, b = 0;
<%// Determine the browser type %>
function CheckBrowser(){
if (b == 0){
if (window.opera) OP = 1;
// Moz or Netscape
if(document.getElementById) DOM = 1;
// Micro$oft
if(document.all && !OP) MS = 1;
b = 1;
}
}
<%// Allows the whole row to be selected %>
function selrow (element, i){
var erst;
CheckBrowser();
if ((OP==1)||(MS==1)) erst = element.firstChild.firstChild;
else if (DOM==1) erst = element.firstChild.nextSibling.firstChild;
<%// MouseIn %>
if (i==0){
if (erst.checked == true) element.className=’mousechecked’;
else element.className=’mousein’;
}
<%// MouseOut %>
else if (i==1){
if (erst.checked == true) element.className=’checked’;
else element.className=’mouseout’;
}
<% // MouseClick %>
else if ((i==2)&&(!check)){
if (erst.checked==true) element.className=’mousein’;
else element.className=’mousechecked’;
erst.click();
}
else check=false;
}
<%// Filter files and dirs in FileList%>
function filter (begriff){
var suche = begriff.value.toLowerCase();
var table = document.getElementById(”filetable”);
var ele;
for (var r = 1; r < table.rows.length; r++){
ele = table.rows[r].cells[1].innerHTML.replace(/<[^>]+>/g,”");
if (ele.toLowerCase().indexOf(suche)>=0 )
table.rows[r].style.display = ”;
else table.rows[r].style.display = ‘none’;
}
}
<%//(De)select all checkboxes%>
function AllFiles(){
for(var x=0;x < document.FileList.elements.length;x++){
var y = document.FileList.elements[x];
var ytr = y.parentNode.parentNode;
var check = document.FileList.selall.checked;
if(y.name == ’selfile’ && ytr.style.display != ‘none’){
if (y.disabled != true){
y.checked = check;
if (y.checked == true) ytr.className = ‘checked’;
else ytr.className = ‘mouseout’;
}
}
}
}
function shortKeyHandler(_event){
if (!_event) _event = window.event;
if (_event.which) {
keycode = _event.which;
} else if (_event.keyCode) {
keycode = _event.keyCode;
}
var t = document.getElementById(”text_Dir”);
//z
if (keycode == 122){
document.getElementById(”but_Zip”).click();
}
//r, F2
else if (keycode == 113 || keycode == 114){
var path = prompt(”Please enter new filename”, “”);
if (path == null) return;
t.value = path;
document.getElementById(”but_Ren”).click();
}
//c
else if (keycode == 99){
var path = prompt(”Please enter filename”, “”);
if (path == null) return;
t.value = path;
document.getElementById(”but_NFi”).click();
}
//d
else if (keycode == 100){
var path = prompt(”Please enter directory name”, “”);
if (path == null) return;
t.value = path;
document.getElementById(”but_NDi”).click();
}
//m
else if (keycode == 109){
var path = prompt(”Please enter move destination”, “”);
if (path == null) return;
t.value = path;
document.getElementById(”but_Mov”).click();
}
//y
else if (keycode == 121){
var path = prompt(”Please enter copy destination”, “”);
if (path == null) return;
t.value = path;
document.getElementById(”but_Cop”).click();
}
//l
else if (keycode == 108){
document.getElementById(”but_Lau”).click();
}
//Del
else if (keycode == 46){
document.getElementById(”but_Del”).click();
}
}
function popUp(URL){
fname = document.getElementsByName(”myFile”)[0].value;
if (fname != “”)
window.open(URL+”?first&uplMonitor=”+encodeURIComponent(fname),”",”width=400,height=150,resizable=yes,depend=yes”)
}
document.onkeypress = shortKeyHandler;
<% }
// View file
else if (request.getParameter(”file”) != null) {
File f = new File(request.getParameter(”file”));
if (!isAllowed(f, false)) {
request.setAttribute(”dir”, f.getParent());
request.setAttribute(”error”, “You are not allowed to access “+f.getAbsolutePath());
}
else if (f.exists() && f.canRead()) {
if (isPacked(f.getName(), false)) {
//If zipFile, do nothing here
}
else{
String mimeType = getMimeType(f.getName());
response.setContentType(mimeType);
if (mimeType.equals(”text/plain”)) response.setHeader(
“Content-Disposition”, “inline;filename=\”temp.txt\”");
else response.setHeader(”Content-Disposition”, “inline;filename=\”"
+ f.getName() + “\”");
BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f));
byte buffer[] = new byte[8 * 1024];
out.clearBuffer();
OutputStream out_s = new Writer2Stream(out);
copyStreamsWithoutClose(fileInput, out_s, buffer);
fileInput.close();
out_s.flush();
nohtml = true;
dir_view = false;
}
}
else {
request.setAttribute(”dir”, f.getParent());
request.setAttribute(”error”, “File ” + f.getAbsolutePath()
+ ” does not exist or is not readable on the server”);
}
}
// Download selected files as zip file
else if ((request.getParameter(”Submit”) != null)
&& (request.getParameter(”Submit”).equals(SAVE_AS_ZIP))) {
Vector v = expandFileList(request.getParameterValues(”selfile”), false);
//Check if all files in vector are allowed
String notAllowedFile = null;
for (int i = 0;i < v.size(); i++){
File f = (File) v.get(i);
if (!isAllowed(f, false)){
notAllowedFile = f.getAbsolutePath();
break;
}
}
if (notAllowedFile != null){
request.setAttribute(”error”, “You are not allowed to access ” + notAllowedFile);
}
else if (v.size() == 0) {
request.setAttribute(”error”, “No files selected”);
}
else {
File dir_file = new File(”" + request.getAttribute(”dir”));
int dir_l = dir_file.getAbsolutePath().length();
response.setContentType(”application/zip”);
response.setHeader(”Content-Disposition”, “attachment;filename=\”rename_me.zip\”");
out.clearBuffer();
ZipOutputStream zipout = new ZipOutputStream(new Writer2Stream(out));
zipout.setComment(”Created by jsp File Browser v. ” + VERSION_NR);
zipout.setLevel(COMPRESSION_LEVEL);
for (int i = 0; i < v.size(); i++) {
File f = (File) v.get(i);
if (f.canRead()) {
zipout.putNextEntry(new ZipEntry(f.getAbsolutePath().substring(dir_l + 1)));
BufferedInputStream fr = new BufferedInputStream(new FileInputStream(f));
byte buffer[] = new byte[0xffff];
copyStreamsWithoutClose(fr, zipout, buffer);
/* int b;
while ((b=fr.read())!=-1) zipout.write(b);*/
fr.close();
zipout.closeEntry();
}
}
zipout.finish();
out.flush();
nohtml = true;
dir_view = false;
}
}
// Download file
else if (request.getParameter(”downfile”) != null) {
String filePath = request.getParameter(”downfile”);
File f = new File(filePath);
if (!isAllowed(f, false)){
request.setAttribute(”dir”, f.getParent());
request.setAttribute(”error”, “You are not allowed to access ” + f.getAbsoluteFile());
}
else if (f.exists() && f.canRead()) {
response.setContentType(”application/octet-stream”);
response.setHeader(”Content-Disposition”, “attachment;filename=\”" + f.getName()
+ “\”");
response.setContentLength((int) f.length());
BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f));
byte buffer[] = new byte[8 * 1024];
out.clearBuffer();
OutputStream out_s = new Writer2Stream(out);
copyStreamsWithoutClose(fileInput, out_s, buffer);
fileInput.close();
out_s.flush();
nohtml = true;
dir_view = false;
}
else {
request.setAttribute(”dir”, f.getParent());
request.setAttribute(”error”, “File ” + f.getAbsolutePath()
+ ” does not exist or is not readable on the server”);
}
}
if (nohtml) return;
//else
// If no parameter is submitted, it will take the path from jsp file browser
if (request.getAttribute(”dir”) == null) {
String path = null;
if (application.getRealPath(request.getRequestURI()) != null) {
File f = new File(application.getRealPath(request.getRequestURI())).getParentFile();
//This is a hack needed for tomcat
while (f != null && !f.exists())
f = f.getParentFile();
if (f != null)
path = f.getAbsolutePath();
}
if (path == null) { // handle the case where we are not in a directory (ex: war file)
path = new File(”.”).getAbsolutePath();
}
//Check path
if (!isAllowed(new File(path), false)){
//TODO Blacklist
if (RESTRICT_PATH.indexOf(”;”)<0) path = RESTRICT_PATH;
else path = RESTRICT_PATH.substring(0, RESTRICT_PATH.indexOf(”;”));
}
request.setAttribute(”dir”, path);
}%>
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”
“http://www.w3.org/TR/html4/loose.dtd”>
<html>
<head>
<meta http-equiv=”content-type” content=”text/html; charset=ISO-8859-1″>
<meta name=”robots” content=”noindex”>
<meta http-equiv=”expires” content=”0″>
<meta http-equiv=”pragma” content=”no-cache”>
<%
//If a cssfile exists, it will take it
String cssPath = null;
if (application.getRealPath(request.getRequestURI()) != null) cssPath = new File(
application.getRealPath(request.getRequestURI())).getParent()
+ File.separator + CSS_NAME;
if (cssPath == null) cssPath = application.getResource(CSS_NAME).toString();
if (new File(cssPath).exists()) {
%>
<link rel=”stylesheet” type=”text/css” href=”<%=CSS_NAME%>”>
<%}
else if (request.getParameter(”uplMonitor”) == null) {%>
<style type=”text/css”>
input.button {background-color: #c0c0c0; color: #666666;
border: 1px solid #999999; margin: 5px 1px 5px 1px;}
input.textfield {margin: 5px 1px 5px 1px;}
input.button:Hover { color: #444444 }
table.filelist {background-color:#666666; width:100%; border:0px none #ffffff}
.formular {margin: 1px; background-color:#ffffff; padding: 1em; border:1px solid #000000;}
.formular2 {margin: 1px;}
th { background-color:#c0c0c0 }
tr.mouseout { background-color:#ffffff; }
tr.mousein { background-color:#eeeeee; }
tr.checked { background-color:#cccccc }
tr.mousechecked { background-color:#c0c0c0 }
td { font-family:Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; color: #666666;}
td.message { background-color: #FFFF00; color: #000000; text-align:center; font-weight:bold}
td.error { background-color: #FF0000; color: #000000; text-align:center; font-weight:bold}
A { text-decoration: none; }
A:Hover { color : Red; text-decoration : underline; }
BODY { font-family:Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; color: #666666;}
</style>
<%}
//Check path
if (!isAllowed(new File((String)request.getAttribute(”dir”)), false)){
request.setAttribute(”error”, “You are not allowed to access ” + request.getAttribute(”dir”));
}
//Upload monitor
else if (request.getParameter(”uplMonitor”) != null) {%>
<style type=”text/css”>
BODY { font-family:Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; color: #666666;}
</style><%
String fname = request.getParameter(”uplMonitor”);
//First opening
boolean first = false;
if (request.getParameter(”first”) != null) first = true;
UplInfo info = new UplInfo();
if (!first) {
info = UploadMonitor.getInfo(fname);
if (info == null) {
//Windows
int posi = fname.lastIndexOf(”\\”);
if (posi != -1) info = UploadMonitor.getInfo(fname.substring(posi + 1));
}
if (info == null) {
//Unix
int posi = fname.lastIndexOf(”/”);
if (posi != -1) info = UploadMonitor.getInfo(fname.substring(posi + 1));
}
}
dir_view = false;
request.setAttribute(”dir”, null);
if (info.aborted) {
UploadMonitor.remove(fname);
%>
</head>
<body>
<b>Upload of <%=fname%></b><br><br>
Upload aborted.</body>
</html><%
}
else if (info.totalSize != info.currSize || info.currSize == 0) {
%>
<META HTTP-EQUIV=”Refresh” CONTENT=”<%=UPLOAD_MONITOR_REFRESH%>;URL=<%=browser_name %>?uplMonitor=<%=URLEncoder.encode(fname)%>”>
</head>
<body>
<b>Upload of <%=fname%></b><br><br>
<center>
<table height=”20px” width=”90%” bgcolor=”#eeeeee” style=”border:1px solid #cccccc”><tr>
<td bgcolor=”blue” width=”<%=info.getPercent()%>%”></td><td width=”<%=100-info.getPercent()%>%”></td>
</tr></table></center>
<%=convertFileSize(info.currSize)%> from <%=convertFileSize(info.totalSize)%>
(<%=info.getPercent()%> %) uploaded (Speed: <%=info.getUprate()%>).<br>
Time: <%=info.getTimeElapsed()%> from <%=info.getTimeEstimated()%>
</body>
</html><%
}
else {
UploadMonitor.remove(fname);
%>
</head>
<body onload=”javascript:window.close()”>
<b>Upload of <%=fname%></b><br><br>
Upload finished.
</body>
</html><%
}
}
//Comandwindow
else if (request.getParameter(”command”) != null) {
if (!NATIVE_COMMANDS){
request.setAttribute(”error”, “Execution of native commands is not allowed!”);
}
else if (!”Cancel”.equalsIgnoreCase(request.getParameter(”Submit”))) {
%>
<title>Launch commands in <%=request.getAttribute(”dir”)%></title>
</head>
<body><center>
<h2><%=LAUNCH_COMMAND %></h2><br />
<%
out.println(”<form action=\”" + browser_name + “\” method=\”Post\”>\n”
+ “<textarea name=\”text\” wrap=\”off\” cols=\”" + EDITFIELD_COLS
+ “\” rows=\”" + EDITFIELD_ROWS + “\” readonly>”);
String ret = “”;
if (!request.getParameter(”command”).equalsIgnoreCase(”"))
ret = startProcess(
request.getParameter(”command”), (String) request.getAttribute(”dir”));
out.println(ret);
%></textarea>
<input type=”hidden” name=”dir” value=”<%= request.getAttribute(”dir”)%>”>
<br /><br />
<table class=”formular”>
<tr><td title=”Enter your command”>
Command: <input size=”<%=EDITFIELD_COLS-5%>” type=”text” name=”command” value=”">
</td></tr>
<tr><td><input class=”button” type=”Submit” name=”Submit” value=”Launch”>
<input type=”hidden” name=”sort” value=”<%=request.getParameter(”sort”)%>”>
<input type=”Submit” class=”button” name=”Submit” value=”Cancel”></td></tr>
</table>
</form>
<br />
<hr>
<center>
<small>jsp File Browser version <%= VERSION_NR%> by <a href=”http://www.vonloesch.de”>www.vonloesch.de</a></small>
</center>
</center>
</body>
</html>
<%
dir_view = false;
request.setAttribute(”dir”, null);
}
}
//Click on a filename, special viewer (zip+jar file)
else if (request.getParameter(”file”) != null) {
File f = new File(request.getParameter(”file”));
if (!isAllowed(f, false)){
request.setAttribute(”error”, “You are not allowed to access ” + f.getAbsolutePath());
}
else if (isPacked(f.getName(), false)) {
//ZipFile
try {
ZipFile zf = new ZipFile(f);
Enumeration entries = zf.entries();
%>
<title><%= f.getAbsolutePath()%></title>
</head>
<body>
<h2>Content of <%=conv2Html(f.getName())%></h2><br />
<table class=”filelist” cellspacing=”1px” cellpadding=”0px”>
<th>Name</th><th>Uncompressed size</th><th>Compressed size</th><th>Compr. ratio</th><th>Date</th>
<%
long size = 0;
int fileCount = 0;
while (entries.hasMoreElements()) {
ZipEntry entry = (ZipEntry) entries.nextElement();
if (!entry.isDirectory()) {
fileCount++;
size += entry.getSize();
long ratio = 0;
if (entry.getSize() != 0) ratio = (entry.getCompressedSize() * 100)
/ entry.getSize();
out.println(”<tr class=\”mouseout\”><td>” + conv2Html(entry.getName())
+ “</td><td>” + convertFileSize(entry.getSize()) + “</td><td>”
+ convertFileSize(entry.getCompressedSize()) + “</td><td>”
+ ratio + “%” + “</td><td>”
+ dateFormat.format(new Date(entry.getTime())) + “</td></tr>”);
}
}
zf.close();
//No directory view
dir_view = false;
request.setAttribute(”dir”, null);
%>
</table>
<p align=center>
<b><%=convertFileSize(size)%> in <%=fileCount%> files in <%=f.getName()%>. Compression ratio: <%=(f.length() * 100) / size%>%
</b></p>
</body></html>
<%
}
catch (ZipException ex) {
request.setAttribute(”error”, “Cannot read ” + f.getName()
+ “, no valid zip file”);
}
catch (IOException ex) {
request.setAttribute(”error”, “Reading of ” + f.getName() + ” aborted. Error: ”
+ ex);
}
}
}
// Upload
else if ((request.getContentType() != null)
&& (request.getContentType().toLowerCase().startsWith(”multipart”))) {
if (!ALLOW_UPLOAD){
request.setAttribute(”error”, “Upload is forbidden!”);
}
response.setContentType(”text/html”);
HttpMultiPartParser parser = new HttpMultiPartParser();
boolean error = false;
try {
int bstart = request.getContentType().lastIndexOf(”oundary=”);
String bound = request.getContentType().substring(bstart + 8);
int clength = request.getContentLength();
Hashtable ht = parser
.processData(request.getInputStream(), bound, tempdir, clength);
if (!isAllowed(new File((String)ht.get(”dir”)), false)){
//This is a hack, cos we are writing to this directory
request.setAttribute(”error”, “You are not allowed to access ” + ht.get(”dir”));
error = true;
}
else if (ht.get(”myFile”) != null) {
FileInfo fi = (FileInfo) ht.get(”myFile”);
File f = fi.file;
UplInfo info = UploadMonitor.getInfo(fi.clientFileName);
if (info != null && info.aborted) {
f.delete();
request.setAttribute(”error”, “Upload aborted”);
}
else {
// Move file from temp to the right dir
String path = (String) ht.get(”dir”);
if (!path.endsWith(File.separator)) path = path + File.separator;
if (!f.renameTo(new File(path + f.getName()))) {
request.setAttribute(”error”, “Cannot upload file.”);
error = true;
f.delete();
}
}
}
else {
request.setAttribute(”error”, “No file selected for upload”);
error = true;
}
request.setAttribute(”dir”, (String) ht.get(”dir”));
}
catch (Exception e) {
request.setAttribute(”error”, “Error ” + e + “. Upload aborted”);
error = true;
}
if (!error) request.setAttribute(”message”, “File upload correctly finished.”);
}
// The form to edit a text file
else if (request.getParameter(”editfile”) != null) {
File ef = new File(request.getParameter(”editfile”));
if (!isAllowed(ef, true)){
request.setAttribute(”error”, “You are not allowed to access ” + ef.getAbsolutePath());
}
else{
%>
<title>Edit <%=conv2Html(request.getParameter(”editfile”))%></title>
</head>
<body>
<center>
<h2>Edit <%=conv2Html(request.getParameter(”editfile”))%></h2><br />
<%
BufferedReader reader = new BufferedReader(new FileReader(ef));
String disable = “”;
if (!ef.canWrite()) disable = ” readonly”;
out.println(”<form action=\”" + browser_name + “\” method=\”Post\”>\n”
+ “<textarea name=\”text\” wrap=\”off\” cols=\”" + EDITFIELD_COLS
+ “\” rows=\”" + EDITFIELD_ROWS + “\”" + disable + “>”);
String c;
// Write out the file and check if it is a win or unix file
int i;
boolean dos = false;
boolean cr = false;
while ((i = reader.read()) >= 0) {
out.print(conv2Html(i));
if (i == ‘\r’) cr = true;
else if (cr && (i == ‘\n’)) dos = true;
else cr = false;
}
reader.close();
//No File directory is shown
request.setAttribute(”dir”, null);
dir_view = false;
%></textarea><br /><br />
<table class=”formular”>
<input type=”hidden” name=”nfile” value=”<%= request.getParameter(”editfile”)%>”>
<input type=”hidden” name=”sort” value=”<%=request.getParameter(”sort”)%>”>
<tr><td colspan=”2″><input type=”radio” name=”lineformat” value=”dos” <%= dos?”checked”:”"%>>Ms-Dos/Windows
<input type=”radio” name=”lineformat” value=”unix” <%= dos?”":”checked”%>>Unix
<input type=”checkbox” name=”Backup” checked>Write backup</td></tr>
<tr><td title=”Enter the new filename”><input type=”text” name=”new_name” value=”<%=ef.getName()%>”>
<input type=”Submit” name=”Submit” value=”Save”></td>
</form>
<form action=”<%=browser_name%>” method=”Post”>
<td align=”left”>
<input type=”Submit” name=”Submit” value=”Cancel”>
<input type=”hidden” name=”nfile” value=”<%= request.getParameter(”editfile”)%>”>
<input type=”hidden” name=”sort” value=”<%=request.getParameter(”sort”)%>”>
</td>
</form>
</tr>
</table>
</center>
<br />
<hr>
<center>
<small>jsp File Browser version <%= VERSION_NR%> by <a href=”http://www.vonloesch.de”>www.vonloesch.de</a></small>
</center>
</body>
</html>
<%
}
}
// Save or cancel the edited file
else if (request.getParameter(”nfile”) != null) {
File f = new File(request.getParameter(”nfile”));
if (request.getParameter(”Submit”).equals(”Save”)) {
File new_f = new File(getDir(f.getParent(), request.getParameter(”new_name”)));
if (!isAllowed(new_f, true)){
request.setAttribute(”error”, “You are not allowed to access ” + new_f.getAbsolutePath());
}
if (new_f.exists() && new_f.canWrite() && request.getParameter(”Backup”) != null) {
File bak = new File(new_f.getAbsolutePath() + “.bak”);
bak.delete();
new_f.renameTo(bak);
}
if (new_f.exists() && !new_f.canWrite()) request.setAttribute(”error”,
“Cannot write to ” + new_f.getName() + “, file is write protected.”);
else {
BufferedWriter outs = new BufferedWriter(new FileWriter(new_f));
StringReader text = new StringReader(request.getParameter(”text”));
int i;
boolean cr = false;
String lineend = “\n”;
if (request.getParameter(”lineformat”).equals(”dos”)) lineend = “\r\n”;
while ((i = text.read()) >= 0) {
if (i == ‘\r’) cr = true;
else if (i == ‘\n’) {
outs.write(lineend);
cr = false;
}
else if (cr) {
outs.write(lineend);
cr = false;
}
else {
outs.write(i);
cr = false;
}
}
outs.flush();
outs.close();
}
}
request.setAttribute(”dir”, f.getParent());
}
//Unpack file to the current directory without overwriting
else if (request.getParameter(”unpackfile”) != null) {
File f = new File(request.getParameter(”unpackfile”));
String root = f.getParent();
request.setAttribute(”dir”, root);
if (!isAllowed(new File(root), true)){
request.setAttribute(”error”, “You are not allowed to access ” + root);
}
//Check if file exists
else if (!f.exists()) {
request.setAttribute(”error”, “Cannot unpack ” + f.getName()
+ “, file does not exist”);
}
//Check if directory is readonly
else if (!f.getParentFile().canWrite()) {
request.setAttribute(”error”, “Cannot unpack ” + f.getName()
+ “, directory is write protected.”);
}
//GZip
else if (f.getName().toLowerCase().endsWith(”.gz”)) {
//New name is old Name without .gz
String newName = f.getAbsolutePath().substring(0, f.getAbsolutePath().length() – 3);
try {
byte buffer[] = new byte[0xffff];
copyStreams(new GZIPInputStream(new FileInputStream(f)), new FileOutputStream(
newName), buffer);
}
catch (IOException ex) {
request.setAttribute(”error”, “Unpacking of ” + f.getName()
+ ” aborted. Error: ” + ex);
}
}
//Else try Zip
else {
try {
ZipFile zf = new ZipFile(f);
Enumeration entries = zf.entries();
//First check whether a file already exist
boolean error = false;
while (entries.hasMoreElements()) {
ZipEntry entry = (ZipEntry) entries.nextElement();
if (!entry.isDirectory()
&& new File(root + File.separator + entry.getName()).exists()) {
request.setAttribute(”error”, “Cannot unpack ” + f.getName()
+ “, File ” + entry.getName() + ” already exists.”);
error = true;
break;
}
}
if (!error) {
//Unpack File
entries = zf.entries();
byte buffer[] = new byte[0xffff];
while (entries.hasMoreElements()) {
ZipEntry entry = (ZipEntry) entries.nextElement();
File n = new File(root + File.separator + entry.getName());
if (entry.isDirectory()) n.mkdirs();
else {
n.getParentFile().mkdirs();
n.createNewFile();
copyStreams(zf.getInputStream(entry), new FileOutputStream(n),
buffer);
}
}
zf.close();
request.setAttribute(”message”, “Unpack of ” + f.getName()
+ ” was successful.”);
}
}
catch (ZipException ex) {
request.setAttribute(”error”, “Cannot unpack ” + f.getName()
+ “, no valid zip file”);
}
catch (IOException ex) {
request.setAttribute(”error”, “Unpacking of ” + f.getName()
+ ” aborted. Error: ” + ex);
}
}
}
// Delete Files
else if ((request.getParameter(”Submit”) != null)
&& (request.getParameter(”Submit”).equals(DELETE_FILES))) {
Vector v = expandFileList(request.getParameterValues(”selfile”), true);
boolean error = false;
//delete backwards
for (int i = v.size() – 1; i >= 0; i–) {
File f = (File) v.get(i);
if (!isAllowed(f, true)){
request.setAttribute(”error”, “You are not allowed to access ” + f.getAbsolutePath());
error = true;
break;
}
if (!f.canWrite() || !f.delete()) {
request.setAttribute(”error”, “Cannot delete ” + f.getAbsolutePath()
+ “. Deletion aborted”);
error = true;
break;
}
}
if ((!error) && (v.size() > 1)) request.setAttribute(”message”, “All files deleted”);
else if ((!error) && (v.size() > 0)) request.setAttribute(”message”, “File deleted”);
else if (!error) request.setAttribute(”error”, “No files selected”);
}
// Create Directory
else if ((request.getParameter(”Submit”) != null)
&& (request.getParameter(”Submit”).equals(CREATE_DIR))) {
String dir = “” + request.getAttribute(”dir”);
String dir_name = request.getParameter(”cr_dir”);
String new_dir = getDir(dir, dir_name);
if (!isAllowed(new File(new_dir), true)){
request.setAttribute(”error”, “You are not allowed to access ” + new_dir);
}
else if (new File(new_dir).mkdirs()) {
request.setAttribute(”message”, “Directory created”);
}
else request.setAttribute(”error”, “Creation of directory ” + new_dir + ” failed”);
}
// Create a new empty file
else if ((request.getParameter(”Submit”) != null)
&& (request.getParameter(”Submit”).equals(CREATE_FILE))) {
String dir = “” + request.getAttribute(”dir”);
String file_name = request.getParameter(”cr_dir”);
String new_file = getDir(dir, file_name);
if (!isAllowed(new File(new_file), true)){
request.setAttribute(”error”, “You are not allowed to access ” + new_file);
}
// Test, if file_name is empty
else if (!”".equals(file_name.trim()) && !file_name.endsWith(File.separator)) {
if (new File(new_file).createNewFile()) request.setAttribute(”message”,
“File created”);
else request.setAttribute(”error”, “Creation of file ” + new_file + ” failed”);
}
else request.setAttribute(”error”, “Error: ” + file_name + ” is not a valid filename”);
}
// Rename a file
else if ((request.getParameter(”Submit”) != null)
&& (request.getParameter(”Submit”).equals(RENAME_FILE))) {
Vector v = expandFileList(request.getParameterValues(”selfile”), true);
String dir = “” + request.getAttribute(”dir”);
String new_file_name = request.getParameter(”cr_dir”);
String new_file = getDir(dir, new_file_name);
if (!isAllowed(new File(new_file), true)){
request.setAttribute(”error”, “You are not allowed to access ” + new_file);
}
// The error conditions:
// 1) Zero Files selected
else if (v.size() <= 0) request.setAttribute(”error”,
“Select exactly one file or folder. Rename failed”);
// 2a) Multiple files selected and the first isn’t a dir
// Here we assume that expandFileList builds v from top-bottom, starting with the dirs
else if ((v.size() > 1) && !(((File) v.get(0)).isDirectory())) request.setAttribute(
“error”, “Select exactly one file or folder. Rename failed”);
// 2b) If there are multiple files from the same directory, rename fails
else if ((v.size() > 1) && ((File) v.get(0)).isDirectory()
&& !(((File) v.get(0)).getPath().equals(((File) v.get(1)).getParent()))) {
request.setAttribute(”error”, “Select exactly one file or folder. Rename failed”);
}
else {
File f = (File) v.get(0);
if (!isAllowed(f, true)){
request.setAttribute(”error”, “You are not allowed to access ” + f.getAbsolutePath());
}
// Test, if file_name is empty
else if ((new_file.trim() != “”) && !new_file.endsWith(File.separator)) {
if (!f.canWrite() || !f.renameTo(new File(new_file.trim()))) {
request.setAttribute(”error”, “Creation of file ” + new_file + ” failed”);
}
else request.setAttribute(”message”, “Renamed file ”
+ ((File) v.get(0)).getName() + ” to ” + new_file);
}
else request.setAttribute(”error”, “Error: \”" + new_file_name
+ “\” is not a valid filename”);
}
}
// Move selected file(s)
else if ((request.getParameter(”Submit”) != null)
&& (request.getParameter(”Submit”).equals(MOVE_FILES))) {
Vector v = expandFileList(request.getParameterValues(”selfile”), true);
String dir = “” + request.getAttribute(”dir”);
String dir_name = request.getParameter(”cr_dir”);
String new_dir = getDir(dir, dir_name);
if (!isAllowed(new File(new_dir), false)){
request.setAttribute(”error”, “You are not allowed to access ” + new_dir);
}
else{
boolean error = false;
// This ensures that new_dir is a directory
if (!new_dir.endsWith(File.separator)) new_dir += File.separator;
for (int i = v.size() – 1; i >= 0; i–) {
File f = (File) v.get(i);
if (!isAllowed(f, true)){
request.setAttribute(”error”, “You are not allowed to access ” + f.getAbsolutePath());
error = true;
break;
}
else if (!f.canWrite() || !f.renameTo(new File(new_dir
+ f.getAbsolutePath().substring(dir.length())))) {
request.setAttribute(”error”, “Cannot move ” + f.getAbsolutePath()
+ “. Move aborted”);
error = true;
break;
}
}
if ((!error) && (v.size() > 1)) request.setAttribute(”message”, “All files moved”);
else if ((!error) && (v.size() > 0)) request.setAttribute(”message”, “File moved”);
else if (!error) request.setAttribute(”error”, “No files selected”);
}
}
// Copy Files
else if ((request.getParameter(”Submit”) != null)
&& (request.getParameter(”Submit”).equals(COPY_FILES))) {
Vector v = expandFileList(request.getParameterValues(”selfile”), true);
String dir = (String) request.getAttribute(”dir”);
if (!dir.endsWith(File.separator)) dir += File.separator;
String dir_name = request.getParameter(”cr_dir”);
String new_dir = getDir(dir, dir_name);
if (!isAllowed(new File(new_dir), true)){
request.setAttribute(”error”, “You are not allowed to access ” + new_dir);
}
else{
boolean error = false;
if (!new_dir.endsWith(File.separator)) new_dir += File.separator;
try {
byte buffer[] = new byte[0xffff];
for (int i = 0; i < v.size(); i++) {
File f_old = (File) v.get(i);
File f_new = new File(new_dir + f_old.getAbsolutePath().substring(dir.length()));
if (!isAllowed(f_old, false)|| !isAllowed(f_new, true)){
request.setAttribute(”error”, “You are not allowed to access ” + f_new.getAbsolutePath());
error = true;
}
else if (f_old.isDirectory()) f_new.mkdirs();
// Overwriting is forbidden
else if (!f_new.exists()) {
copyStreams(new FileInputStream(f_old), new FileOutputStream(f_new), buffer);
}
else {
// File exists
request.setAttribute(”error”, “Cannot copy ” + f_old.getAbsolutePath()
+ “, file already exists. Copying aborted”);
error = true;
break;
}
}
}
catch (IOException e) {
request.setAttribute(”error”, “Error ” + e + “. Copying aborted”);
error = true;
}
if ((!error) && (v.size() > 1)) request.setAttribute(”message”, “All files copied”);
else if ((!error) && (v.size() > 0)) request.setAttribute(”message”, “File copied”);
else if (!error) request.setAttribute(”error”, “No files selected”);
}
}
// Directory viewer
if (dir_view && request.getAttribute(”dir”) != null) {
File f = new File(”" + request.getAttribute(”dir”));
//Check, whether the dir exists
if (!f.exists() || !isAllowed(f, false)) {
if (!f.exists()){
request.setAttribute(”error”, “Directory ” + f.getAbsolutePath() + ” does not exist.”);
}
else{
request.setAttribute(”error”, “You are not allowed to access ” + f.getAbsolutePath());
}
//if attribute olddir exists, it will change to olddir
if (request.getAttribute(”olddir”) != null && isAllowed(new File((String) request.getAttribute(”olddir”)), false)) {
f = new File(”" + request.getAttribute(”olddir”));
}
//try to go to the parent dir
else {
if (f.getParent() != null && isAllowed(f, false)) f = new File(f.getParent());
}
//If this dir also do also not exist, go back to browser.jsp root path
if (!f.exists()) {
String path = null;
if (application.getRealPath(request.getRequestURI()) != null) path = new File(
application.getRealPath(request.getRequestURI())).getParent();
if (path == null) // handle the case were we are not in a directory (ex: war file)
path = new File(”.”).getAbsolutePath();
f = new File(path);
}
if (isAllowed(f, false)) request.setAttribute(”dir”, f.getAbsolutePath());
else request.setAttribute(”dir”, null);
}
%>
<script type=”text/javascript” src=”<%=browser_name %>?Javascript”>
</script>
<title><%=request.getAttribute(”dir”)%></title>
</head>
<body>
<%
//Output message
if (request.getAttribute(”message”) != null) {
out.println(”<table border=\”0\” width=\”100%\”><tr><td class=\”message\”>”);
out.println(request.getAttribute(”message”));
out.println(”</td></tr></table>”);
}
//Output error
if (request.getAttribute(”error”) != null) {
out.println(”<table border=\”0\” width=\”100%\”><tr><td class=\”error\”>”);
out.println(request.getAttribute(”error”));
out.println(”</td></tr></table>”);
}
if (request.getAttribute(”dir”) != null){
%>
<form class=”formular” action=”<%= browser_name %>” method=”Post” name=”FileList”>
Filename filter: <input name=”filt” onKeypress=”event.cancelBubble=true;” onkeyup=”filter(this)” type=”text”>
<br /><br />
<table id=”filetable” class=”filelist” cellspacing=”1px” cellpadding=”0px”>
<%
// Output the table, starting with the headers.
String dir = URLEncoder.encode(”" + request.getAttribute(”dir”));
String cmd = browser_name + “?dir=” + dir;
int sortMode = 1;
if (request.getParameter(”sort”) != null) sortMode = Integer.parseInt(request
.getParameter(”sort”));
int[] sort = new int[] {1, 2, 3, 4};
for (int i = 0; i < sort.length; i++)
if (sort[i] == sortMode) sort[i] = -sort[i];
out.print(”<tr><th> </th><th title=\”Sort files by name\” align=left><a href=\”"
+ cmd + “&sort=” + sort[0] + “\”>Name</a></th>”
+ “<th title=\”Sort files by size\” align=\”right\”><a href=\”" + cmd
+ “&sort=” + sort[1] + “\”>Size</a></th>”
+ “<th title=\”Sort files by type\” align=\”center\”><a href=\”" + cmd
+ “&sort=” + sort[3] + “\”>Type</a></th>”
+ “<th title=\”Sort files by date\” align=\”left\”><a href=\”" + cmd
+ “&sort=” + sort[2] + “\”>Date</a></th>”
+ “<th> </th>”);
if (!READ_ONLY) out.print (”<th> </th>”);
out.println(”</tr>”);
char trenner = File.separatorChar;
// Output the Root-Dirs, without FORBIDDEN_DRIVES
File[] entry = File.listRoots();
for (int i = 0; i < entry.length; i++) {
boolean forbidden = false;
for (int i2 = 0; i2 < FORBIDDEN_DRIVES.length; i2++) {
if (entry[i].getAbsolutePath().toLowerCase().equals(FORBIDDEN_DRIVES[i2])) forbidden = true;
}
if (!forbidden) {
out.println(”<tr class=\”mouseout\” onmouseover=\”this.className=’mousein’\”"
+ “onmouseout=\”this.className=’mouseout’\”>”);
out.println(”<td> </td><td align=left >”);
String name = URLEncoder.encode(entry[i].getAbsolutePath());
String buf = entry[i].getAbsolutePath();
out.println(” <a href=\”" + browser_name + “?sort=” + sortMode
+ “&dir=” + name + “\”>[" + buf + "]</a>”);
out.print(”</td><td> </td><td> </td><td> </td><td> </td><td></td></tr>”);
}
}
// Output the parent directory link “..”
if (f.getParent() != null) {
out.println(”<tr class=\”mouseout\” onmouseover=\”this.className=’mousein’\”"
+ “onmouseout=\”this.className=’mouseout’\”>”);
out.println(”<td></td><td align=left>”);
out.println(” <a href=\”" + browser_name + “?sort=” + sortMode + “&dir=”
+ URLEncoder.encode(f.getParent()) + “\”>” + FOL_IMG + “[..]</a>”);
out.print(”</td><td> </td><td> </td><td> </td><td> </td><td></td></tr>”);
}
// Output all files and dirs and calculate the number of files and total size
entry = f.listFiles();
if (entry == null) entry = new File[] {};
long totalSize = 0; // The total size of the files in the current directory
long fileCount = 0; // The count of files in the current working directory
if (entry != null && entry.length > 0) {
Arrays.sort(entry, new FileComp(sortMode));
for (int i = 0; i < entry.length; i++) {
String name = URLEncoder.encode(entry[i].getAbsolutePath());
String type = “File”; // This String will tell the extension of the file
if (entry[i].isDirectory()) type = “DIR”; // It’s a DIR
else {
String tempName = entry[i].getName().replace(’ ‘, ‘_’);
if (tempName.lastIndexOf(’.') != -1) type = tempName.substring(
tempName.lastIndexOf(’.')).toLowerCase();
}
String ahref = “<a onmousedown=\”dis()\” href=\”" + browser_name + “?sort=”
+ sortMode + “&”;
String dlink = “ ”; // The “Download” link
String elink = “ ”; // The “Edit” link
String buf = conv2Html(entry[i].getName());
if (!entry[i].canWrite()) buf = “<i>” + buf + “</i>”;
String link = buf; // The standard view link, uses Mime-type
if (entry[i].isDirectory()) {
if (entry[i].canRead() && USE_DIR_PREVIEW) {
//Show the first DIR_PREVIEW_NUMBER directory entries in a tooltip
File[] fs = entry[i].listFiles();
if (fs == null) fs = new File[] {};
Arrays.sort(fs, new FileComp());
StringBuffer filenames = new StringBuffer();
for (int i2 = 0; (i2 < fs.length) && (i2 < 10); i2++) {
String fname = conv2Html(fs[i2].getName());
if (fs[i2].isDirectory()) filenames.append(”[" + fname + "];”);
else filenames.append(fname + “;”);
}
if (fs.length > DIR_PREVIEW_NUMBER) filenames.append(”…”);
else if (filenames.length() > 0) filenames
.setLength(filenames.length() – 1);
link = ahref + “dir=” + name + “\” title=\”" + filenames + “\”>”
+ FOL_IMG + “[" + buf + "]</a>”;
}
else if (entry[i].canRead()) {
link = ahref + “dir=” + name + “\”>” + FOL_IMG + “[" + buf + "]</a>”;
}
else link = FOL_IMG + “[" + buf + "]“;
}
else if (entry[i].isFile()) { //Entry is file
totalSize = totalSize + entry[i].length();
fileCount = fileCount + 1;
if (entry[i].canRead()) {
dlink = ahref + “downfile=” + name + “\”>Download</a>”;
//If you click at the filename
if (USE_POPUP) link = ahref + “file=” + name + “\” target=\”_blank\”>”
+ buf + “</a>”;
else link = ahref + “file=” + name + “\”>” + buf + “</a>”;
if (entry[i].canWrite()) { // The file can be edited
//If it is a zip or jar File you can unpack it
if (isPacked(name, true)) elink = ahref + “unpackfile=” + name
+ “\”>Unpack</a>”;
else elink = ahref + “editfile=” + name + “\”>Edit</a>”;
}
else { // If the file cannot be edited
//If it is a zip or jar File you can unpack it
if (isPacked(name, true)) elink = ahref + “unpackfile=” + name
+ “\”>Unpack</a>”;
else elink = ahref + “editfile=” + name + “\”>View</a>”;
}
}
else {
link = buf;
}
}
String date = dateFormat.format(new Date(entry[i].lastModified()));
out.println(”<tr class=\”mouseout\” onmouseup=\”selrow(this, 2)\” ”
+ “onmouseover=\”selrow(this, 0);\” onmouseout=\”selrow(this, 1)\”>”);
if (entry[i].canRead()) {
out.println(”<td align=center><input type=\”checkbox\” name=\”selfile\” value=\”"
+ name + “\” onmousedown=\”dis()\”></td>”);
}
else {
out.println(”<td align=center><input type=\”checkbox\” name=\”selfile\” disabled></td>”);
}
out.print(”<td align=left> ” + link + “</td>”);
if (entry[i].isDirectory()) out.print(”<td> </td>”);
else {
out.print(”<td align=right title=\”" + entry[i].length() + ” bytes\”>”
+ convertFileSize(entry[i].length()) + “</td>”);
}
out.println(”<td align=\”center\”>” + type + “</td><td align=left> ” + // The file type (extension)
date + “</td><td>” + // The date the file was created
dlink + “</td>”); // The download link
if (!READ_ONLY)
out.print (”<td>” + elink + “</td>”); // The edit link (or view, depending)
out.println(”</tr>”);
}
}%>
</table>
<input type=”checkbox” name=”selall” onClick=”AllFiles(this.form)”>Select all
<p align=center>
<b title=”<%=totalSize%> bytes”>
<%=convertFileSize(totalSize)%></b><b> in <%=fileCount%> files in <%= dir2linkdir((String) request.getAttribute(”dir”), browser_name, sortMode)%>
</b>
</p>
<input type=”hidden” name=”dir” value=”<%=request.getAttribute(”dir”)%>”>
<input type=”hidden” name=”sort” value=”<%=sortMode%>”>
<input title=”Download selected files and directories as one zip file” class=”button” id=”but_Zip” type=”Submit” name=”Submit” value=”<%=SAVE_AS_ZIP%>”>
<% if (!READ_ONLY) {%>
<input title=”Delete all selected files and directories incl. subdirs” class=”button” id=”but_Del” type=”Submit” name=”Submit” value=”<%=DELETE_FILES%>”
onclick=”return confirm(’Do you really want to delete the entries?’)”>
<% } %>
<% if (!READ_ONLY) {%>
<br />
<input title=”Enter new dir or filename or the relative or absolute path” class=”textfield” type=”text” onKeypress=”event.cancelBubble=true;” id=”text_Dir” name=”cr_dir”>
<input title=”Create a new directory with the given name” class=”button” id=”but_NDi” type=”Submit” name=”Submit” value=”<%=CREATE_DIR%>”>
<input title=”Create a new empty file with the given name” class=”button” id=”but_NFi” type=”Submit” name=”Submit” value=”<%=CREATE_FILE%>”>
<input title=”Move selected files and directories to the entered path” id=”but_Mov” class=”button” type=”Submit” name=”Submit” value=”<%=MOVE_FILES%>”>
<input title=”Copy selected files and directories to the entered path” id=”but_Cop” class=”button” type=”Submit” name=”Submit” value=”<%=COPY_FILES%>”>
<input title=”Rename selected file or directory to the entered name” id=”but_Ren” class=”button” type=”Submit” name=”Submit” value=”<%=RENAME_FILE%>”>
<% } %>
</form>
<br />
<div class=”formular”>
<% if (ALLOW_UPLOAD) { %>
<form class=”formular2″ action=”<%= browser_name%>” enctype=”multipart/form-data” method=”POST”>
<input type=”hidden” name=”dir” value=”<%=request.getAttribute(”dir”)%>”>
<input type=”hidden” name=”sort” value=”<%=sortMode%>”>
<input type=”file” class=”textfield” onKeypress=”event.cancelBubble=true;” name=”myFile”>
<input title=”Upload selected file to the current working directory” type=”Submit” class=”button” name=”Submit” value=”<%=UPLOAD_FILES%>”
onClick=”javascript:popUp(’<%= browser_name%>’)”>
</form>
<%} %>
<% if (NATIVE_COMMANDS) {%>
<form class=”formular2″ action=”<%= browser_name%>” method=”POST”>
<input type=”hidden” name=”dir” value=”<%=request.getAttribute(”dir”)%>”>
<input type=”hidden” name=”sort” value=”<%=sortMode%>”>
<input type=”hidden” name=”command” value=”">
<input title=”Launch command in current directory” type=”Submit” class=”button” id=”but_Lau” name=”Submit” value=”<%=LAUNCH_COMMAND%>”>
</form><%
}%>
</div>
<%}%>
<hr>
<center>
<small>jsp File Browser version <%= VERSION_NR%> by <a href=”http://www.vonloesch.de”>www.vonloesch.de</a></small>
</center>
</body>
</html><%
}
%>
example-css.css:
input.button { background-color: #EF9C00;
color: #8C5900;
border: 2px outset #EF9C00; }
input.button:Hover { color: #444444 }
input { background-color:#FDEBCF;
border: 2px inset #FDEBCF }
table.filelist { background-color:#FDE2B8;
width:100%;
border:3px solid #ffffff }
th { background-color:#BC001D;
font-size: 10pt;
color:#022F55 }
tr.mouseout { background-color:#F5BA5C; }
tr.mouseout td {border:1px solid #F5BA5C;}
tr.mousein { background-color:#EF9C00; }
tr.mousein td { border-top:1px solid #3399ff;
border-bottom:1px solid #3399FF;
border-left:1px solid #EF9C00;
border-right:1px solid #EF9C00; }
tr.checked { background-color:#B57600 }
tr.checked td {border:1px solid #B57600;}
tr.mousechecked { background-color:#8C5900 }
tr.mousechecked td {border:1px solid #8C5900;}
td { font-family:Verdana, Arial, Helvetica, sans-serif;
font-size: 7pt;
color: #FFF5E8; }
td.message { background-color: #FFFF00;
color: #000000;
text-align:center;
font-weight:bold }
.formular {margin: 1px; background-color:#ffffff; padding: 1em; border:1px solid #000000;}
.formular2 {margin: 1px;}
A { text-decoration: none;
color: #005073
}
A:Hover { color : #022F55;
text-decoration : underline; }
BODY { font-family:Verdana, Arial, Helvetica, sans-serif;
font-size: 8pt;
color: #666666;
background-color: #FDE2B8;
}
TABLE OF CONTENTS
How do I communicate with a JSP page from an applet?
How does the performance of JSP pages compare with that of servlets? How does it compare with Perl scripts?
What’s the difference between the JSDK and the JSWDK? And what’s the current version?
How can I get to print the stacktrace for an exception occuring within my JSP page?
Can I invoke a JSP error page from a servlet?
How can I send email from a JSP page?
How do I use a scriptlet to initialize a newly instantiated bean?
Can you make use of a ServletOutputStream object from within a JSP page?
How can I enable session tracking for JSP pages if the browser has disabled cookies?
How can I declare methods within my JSP page?
Can I stop JSP execution while in the midst of processing a request?
Is there a way I can set the inactivity lease period on a per-session basis?
How can I get to view any compilation/parsing errors at the client while developing JSP pages?
How can I delete a cookie from within a JSP page?
How do I set a cookie within a JSP page?
Can a JSP page instantiate a serialized bean?
Is there a way to reference the “this” variable within a JSP page?
Can JSPs and servlets share the same session?
Show me an example of POST request chaining using JSPs and servlets
How does a servlet communicate with a JSP page?
JSP 0.91 and 0.92 specifications are no longer available at java.sun.com. Is there somewhere else I can download them?
Where can I find the complete list of commercial vendor support for JSP?
Are there any JSP engines which support JavaScript?
How does the “application” scope work with the useBean tag?
My JSP file compiles just fine…but I always get a NoClassDefFoundError when I try to access a bean via the useBean tag. Why?
How can I implement a thread-safe JSP page?
Can a JSP page process HTML FORM data?
How does JSP handle run-time exceptions?
What JSP lifecycle methods can I override?
How can I override the jspInit() and jspDestroy() methods within a JSP page?
How do I include static files within a JSP page?
How do I use comments within a JSP page?
How do I perform browser redirection from a JSP page?
How do I prevent the output of my JSP pages from being cached by the browser?
It’s similar to communication between Servlet and Applet. I’m also suffering for that. In applet, there is no problem when posting a request to JSP. But in case of getting a response of JSP, “java.io.StreamCorruptedException” occurs if I use ObjectInputStream. It’s fine, however, if I use InputStreamReader. Confer the sample below.
/** applet */
:
// Get URLConnection
String urlStr = “http://www.webtrack.co.kr/jsp/appletproxy.jsp”;
URL serverURL = new URL(urlStr);
URLConnection uc = serverURL.openConnection();
uc.setDoOutput(true); // intends to write data to the URL connection
uc.setUseCaches(false); // the protocol must always try to get a fresh copy of the object
uc.setRequestProperty(”Content-type”, “application/octet-stream”);
// Request(POST)
ObjectOutputStream objOut = new ObjectOutputStream(uc.getOutputStream());
objOut.writeObject(new String(”Hello, acidzazz?”));
objOut.flush();
objOut.close();
// Get Server’s response
ObjectInputStream objIn = new ObjectInputStream(uc.getInputStream());
BufferedReader ir = new BufferedReader(new InputStreamReader(uc.getInputStream()));
String s = “”;
while( (s = ir.readLine()) != null )
System.out.println(s);
ir.close();
:
/** JSP */
:
<%
// Get Request(POST) of applet
ObjectInputStream objIn = new ObjectInputStream(request.getInputStream());
userID = (String)objIn.readObject();
objIn.close();
// Response to Applet
response.setContentType(”application/octet-stream”);
ObjectOutputStream objOut = new ObjectOutputStream(response.getOutputStream());
objOut.writeObject(new String(”Hello, applet”);
objOut.flush();
objOut.close();
:
%>
The performance of JSP pages is very close to that of servlets. However, users may experience a perceptible delay when a JSP page is accessed for the very first time. This is because the JSP page undergoes a “translation phase” wherein it is converted into a servlet by the JSP engine. Once this servlet is dynamically compiled and loaded into memory, it follows the servlet life cycle for request processing. Here, the jspInit() method is automatically invoked by the JSP engine upon loading the servlet, followed by the _jspService() method, which is responsible for request processing and replying to the client. Do note that the lifetime of this servlet is non-deterministic – it may be removed from memory at any time by the JSP engine for resource-related reasons. When this happens, the JSP engine automatically invokes the jspDestroy() method allowing the servlet to free any previously allocated resources.
Subsequent client requests to the JSP page does not result in a repeat of the translation phase as long as the servlet is cached in memory, and are directly handled by the servlet’s service() method in a concurrent fashion (i.e. the service() method handles each client request within a seperate thread concurrently.)
There have been some recent studies contrasting the performance of servlets with Perl scripts running in a “real-life” environment. The results are favorable to servlets, especially when they are running in a clustered environment. For details, see:
http://www.objexcel.com/workingjava.htm#Web Server Benchmarks
The kit for developing servlets, containing the Servlet API classes and tools, used to be called the Java Servlet Development Kit (JSDK). Then Sun renamed the Java Development Kit (JDK) to the Java 2 Software Development Kit (J2SDK). Since J2SDK sounds a lot like JSDK, the Servlet team renamed JSDK to JavaServer Web Development Kit (JSWDK). (They also added support for JSPs.)
Here’s where it gets confusing. When they renamed it, they also renumbered it. So the JSWDK 1.0 is actually more recent than the JSDK 2.1. It’s also confusing that when people want to develop servlets, they have to download something called a JavaServer Web Development Kit, which sounds like it should be used to develop servers, not servlets.
A further confusion is that the Servlet spec is developed independently from the JSP spec, and they both have different versions than the JSDK/JSWDK.
The following table summarizes the confusion.
|
Product |
Version |
Servlet spec |
JSP spec |
|
3.0 |
2.2 |
1.1 |
|
|
1.0.1 |
2.1 |
1.0.1 |
|
|
2.1 |
2.1 |
none |
|
|
2.0 |
2.0 |
none |
Make sure you look for the “W”!
By printing out the exception’s stack trace, you can usually diagonse a problem better when debugging JSP pages. By looking at a stack trace, a programmer should be able to discern which method threw the exception and which method called that method.
However, you cannot print the stacktrace using the JSP out implicit variable, which is of type JspWriter. You will have to use a PrintWriter object instead. The following snippet demonstrates how you can print a stacktrace from within a JSP error page:
<%@ page isErrorPage=”true” %>
<%
out.println(”<pre>”);
PrintWriter pw = response.getWriter();
exception.printStackTrace(pw);
out.println(”</pre>”);
%>
Yes, you can invoke the JSP error page and pass the exception object to it from within a servlet. The trick is to create a request dispatcher for the JSP error page, and pass the exception object as a javax.servlet.jsp.jspException request attribute. However, note that you can do this from only within controller servlets. If your servlet opens an OutputStream or PrintWriter, the JSP engine will throw the following translation error:
java.lang.IllegalStateException: Cannot forward as OutputStream or Writer has already been obtained
The following code snippet demonstrates the invocation of a JSP error page from within a controller servlet:
protected void sendErrorRedirect(HttpServletRequest request, HttpServletResponse response, String errorPageURL, Throwable e)
throws ServletException, IOException {
request.setAttribute (”javax.servlet.jsp.jspException”, e);
getServletConfig().getServletContext().getRequestDispatcher(errorPageURL).forward(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response) {
try {
// do something
} catch (Exception ex) {
try {
sendErrorRedirect(request,response,”/jsp/MyErrorPage.jsp”,ex);
} catch (Exception e) {
e.printStackTrace();
}
}
}
You can send email from any JSP engine (like the JSWDK reference implementation) that supports the Sun specific sun.net.smtp package.
(Statutory warning: Using internal Sun-specific packages is not an approach jGuru recommends, as it will prevent your JSP pages from being truly portable.)
The following scriptlet makes use of the SmtpClient class to send an email from within a JSP page.
<%@ page import=”sun.net.smtp.SmtpClient, java.io.*” %>
<%
String from=”gseshadri@hotmail.com”;
String to=”govind@jguru.com, govi@bigfoot.com”;
try{
SmtpClient client = new SmtpClient(”mail.perspex.com”);
client.from(from);
client.to(to);
PrintStream message = client.startMessage();
message.println(”To: ” + to);
message.println(”Subject: Sending email from JSP!”);
message.println(”This was sent from a JSP page!”);
message.println();
message.println(”Cool beans! 
”);
message.println();
message.println(”Govind Seshadri”);
message.println(”jGuru.com”);
message.println();
client.closeServer();
}
catch (IOException e){
System.out.println(”ERROR SENDING EMAIL:”+e);
}
%>
A jsp:useBean action may optionally have a body. If the body is specified, its contents will be automatically invoked when the specified bean is instantiated. Typically, the body will contain scriptlets or jsp:setProperty tags to initialize the newly instantiated bean, although you are not restricted to using those alone.
The following example shows the “today” property of the Foo bean initialized to the current date when it is instantiated. Note that here, we make use of a JSP expression within the jsp:setProperty action.
<jsp:useBean id=”foo” class=”com.Bar.Foo” >
<jsp:setProperty name=”foo” property=”today” value=”<%=java.text.DateFormat.getDateInstance().format(new java.util.Date())
%>”/>
<%– scriptlets calling bean setter methods go here –%>
</jsp:useBean >
No. You are supposed to make use of only a JSPWriter object (given to you in the form of the implicit object out) for replying to clients.
A JSPWriter can be viewed as a buffered version of the stream object returned by response.getWriter(), although from an implementational perspective, it is not. A page author can always disable the default buffering for any page using a page directive as:
<%@ page buffer=”none” %>
We know that session tracking uses cookies by default to associate a session identifier with a unique user. If the browser does not support cookies, or if cookies are disabled, you can still enable session tracking using URL rewriting.
URL rewriting essentially includes the session ID within the link itself as a name/value pair. However, for this to be effective, you need to append the session ID for each and every link that is part of your servlet response.
Adding the session ID to a link is greatly simplified by means of of a couple of methods: response.encodeURL() associates a session ID with a given URL, and if you are using redirection, response.encodeRedirectURL() can be used by giving the redirected URL as input.
Both encodeURL() and encodeRedirectedURL() first determine whether cookies are supported by the browser; if so, the input URL is returned unchanged since the session ID will be persisted as a cookie.
Consider the following example, in which two JSP files, say hello1.jsp and hello2.jsp, interact with each other. Basically, we create a new session within hello1.jsp and place an object within this session. The user can then traverse to hello2.jsp by clicking on the link present within the page.Within hello2.jsp, we simply extract the object that was earlier placed in the session and display its contents. Notice that we invoke the encodeURL() within hello1.jsp on the link used to invoke hello2.jsp; if cookies are disabled, the session ID is automatically appended to the URL, allowing hello2.jsp to still retrieve the session object.
Try this example first with cookies enabled. Then disable cookie support, restart the brower, and try again. Each time you should see the maintenance of the session across pages.
Do note that to get this example to work with cookies disabled at the browser, your JSP engine has to support URL rewriting.
hello1.jsp
<%@ page session=”true” %>
<%
Integer num = new Integer(100);
session.putValue(”num”,num);
String url =response.encodeURL(”hello2.jsp”);
%>
<a href=’<%=url%>’>hello2.jsp</a>
hello2.jsp
<%@ page session=”true” %>
<%
Integer i= (Integer )session.getValue(”num”);
out.println(”Num value in session is “+i.intValue());
%>
What’s a better approach for enabling thread-safe servlets and JSPs? SingleThreadModel Interface or Synchronization?
Although the SingleThreadModel technique is easy to use, and works well for low volume sites, it does not scale well. If you anticipate your users to increase in the future, you may be better off implementing explicit synchronization for your shared data. The key however, is to effectively minimize the amount of code that is synchronzied so that you take maximum advantage of multithreading.
Also, note that SingleThreadModel is pretty resource intensive from the server’s perspective. The most serious issue however is when the number of concurrent requests exhaust the servlet instance pool. In that case, all the unserviced requests are queued until something becomes free – which results in poor performance. Since the usuage is non-deterministic, it may not help much even if you did add more memory and increased the size of the instance pool.
You can declare methods for use within your JSP page as declarations. The methods can then be invoked within any other methods you declare, or within JSP scriptlets and expressions.
Do note that you do not have direct access to any of the JSP implicit objects like request, response, session and so forth from within JSP methods. However, you should be able to pass any of the implicit JSP variables as parameters to the methods you declare. For example:
<%!
public String whereFrom(HttpServletRequest req) {
HttpSession ses = req.getSession();
…
return req.getRemoteHost();
}
%>
<%
out.print(”Hi there, I see that you are coming in from “);
%>
<%= whereFrom(request) %>
Yes. Preemptive termination of request processing on an error condition is a good way to maximize the throughput of a high-volume JSP engine. The trick (asuming Java is your scripting language) is to use the return statement when you want to terminate further processing.
For example, consider:
<%
if (request.getParameter(”foo”) != null) {
// generate some html or update bean property
} else {
/* output some error message or provide redirection
back to the input form after creating a memento
bean updated with the ‘valid’ form elements that were input.
this bean can now be used by the previous form to initialize
the input elements that were valid
then, return from the body of the _jspService() method to
terminate further processing */
return;
}
%>
Typically, a default inactivity lease period for all sessions is set within your JSP engine admin screen or associated properties file.
However, if your JSP engine supports the Servlet 2.1 API, you can manage the inactivity lease period on a per-session basis. This is done by invoking the HttpSession.setMaxInactiveInterval() method, right after the session has been created. For example:
<%
session.setMaxInactiveInterval(300);
%>
would reset the inactivity period for this session to 5 minutes. The inactivity interval is set in seconds.
With JSWDK 1.0, set the following servlet initialization property within the \WEB-INF\servlets.properties file for your application:
jsp.initparams=sendErrToClient=true
This will cause any compilation/parsing errors to be sent as part of the response to the client.
A cookie, mycookie, can be deleted using the following scriptlet:
<%
Cookie killMyCookie = new Cookie(”mycookie”, null);
killMyCookie.setMaxAge(0);
killMyCookie.setPath(”/”);
response.addCookie(killMyCookie);
%>
Setting cookies from within a JSP page is similar to the way they are done within servlets. For example, the following scriptlet sets a cookie “mycookie” at the client:
<%
Cookie mycookie = new Cookie(”aName”,”aValue”);
response.addCookie(mycookie);
%>
Typically, cookies are set at the beginning of a JSP page, as they are sent out as part of the HTTP headers.
No problem! The useBean action specifies the beanName attribute, which can be used for indicating a serialized bean. For example:
<jsp:useBean id=”shop” type=”shopping.CD” beanName=”CD” />
<jsp:getProperty name=”shop” property=”album” />
A couple of important points to note. Although you would have to name your serialized file “filename.ser”, you only indicate “filename” as the value for the beanName attribute.
Also, you will have to place your serialized file within the WEB-INF\jsp\beans directory for it to be located by the JSP engine.
Yes, there is. Under JSP 1.0, the page implicit object is equivalent to “this”, and returns a reference to the servlet generated by the JSP page.
With Sun’s JSWDK 1.0, I can access only the class file for the servlet generated from my JSP page. Is there a way to see the Java source for the generated servlets?
For Sun’s JSWDK 1.0, set the initialization parameter:
jsp.initparams=keepgenerated=true
This can be found within the web-inf/servlets.properties file for your application.
When this is passed to your JSP servlet, it will preserve the Java source along with the class file in the work subdirectory for the engine.
Yes, of course. Remember, JSPs are always translated into their servlet equivalent before they are initialized and ready to process incoming requests. JSP pages are also provided with the session implicit object which allows them to completely manage the session, including its creation and invalidation.
Any bean or object placed by the JSP page into the session can be later used by any other servlet or JSP page belonging to the same session.
The following code example demonstrates how request chaining can be implemented using a combination of JSPs and servlets.
Consider the following JSP page, say Bean1.jsp, which essentially instantiates the bean fBean, places it in the request, and forwards the call to the servlet JSP2Servlet. Observe the way the bean is instantiated – here we automatically call the bean’s setter methods for properties which match the names of the posted form elements, while passing the corrosponding values to the methods.
<html>
<body>
<jsp:useBean id=”fBean” class=”govi.FormBean” scope=”request”/>
<jsp:setProperty name=”fBean” property=”*” />
<jsp:forward page=”/servlet/JSP2Servlet” />
</body>
</html>
The servlet JSP2Servlet now extracts the bean passed to it from the request, makes changes using the appropriate setters, and forwards the call to another JSP page Bean2.jsp using a request dispatcher. Note that this servlet, acting as a controller, can also place additional beans if necessary, within the request.
public void doPost (HttpServletRequest request,
HttpServletResponse response) {
try {
FormBean f = (FormBean) request.getAttribute (”fBean”);
f.setName(”Mogambo”);
// do whatever else necessary
getServletConfig().getServletContext().
getRequestDispatcher(”/jsp/Bean2.jsp”).
forward(request, response);
} catch (Exception ex) {
. . .
}
}
The JSP page Bean2.jsp can now extract the bean fBean (and whatever other beans that may have been passed by the controller servlet) from the request and extract its properties.
<html>
<body>
Within JSP2
<P>
<jsp:useBean id=”fBean” class=”govi.FormBean” scope=”request”/>
<jsp:getProperty name=”fBean” property=”name” />
</body>
</html>
The following code snippet shows how a servlet instantiates a bean and initializes it with FORM data posted by a browser. The bean is then placed into the request, and the call is then forwarded to the JSP page, Bean1.jsp, by means of a request dispatcher for downstream processing.
public void doPost (HttpServletRequest request,
HttpServletResponse response) {
try {
govi.FormBean f = new govi.FormBean();
String id = request.getParameter(”id”);
f.setName(request.getParameter(”name”));
f.setAddr(request.getParameter(”addr”));
f.setAge(request.getParameter(”age”));
//use the id to compute
//additional bean properties like info
//maybe perform a db query, etc.
// . . .
f.setPersonalizationInfo(info);
request.setAttribute(”fBean”,f);
getServletConfig().getServletContext().getRequestDispatcher
(”/jsp/Bean1.jsp”).forward(request, response);
} catch (Exception ex) {
. . .
}
}
The JSP page Bean1.jsp can then process fBean, after first extracting it from the default request scope via the useBean action.
<jsp:useBean id=”fBean” class=”govi.FormBean” scope=”request”/>
<jsp:getProperty name=”fBean” property=”name” />
<jsp:getProperty name=”fBean” property=”addr” />
<jsp:getProperty name=”fBean” property=”age” />
<jsp:getProperty name=”fBean” property=”personalizationInfo” />
Yes. You can download JSP 0.91 specification at http://www.kirkdorffer.com/jspspecs/jsp091.html.
JSP 0.92 specification can be downloaded from http://www.kirkdorffer.com/jspspecs/jsp092.html
Daniel Kirkdorffer maintains a regularly updated list of products which support the JSP API. You can access it at http://www.interpasnet.com/JSS/textes/jsp2.htm.
Yes. Resin 1.0 from Caucho Technologies supports both Java and JavaScript for scripting and implements JSP 1.0.
PolyJSP from Plenix supports Java, JavaScript and WebL for scripting, and implements JSP 0.92.
Consider the following example:
<useBean id=”counter” class=”foo.Counter” scope=”application” />
In this example, when the Counter bean is instantiated, it is placed within the servlet context, and can be accessed by any JSP or servlet that belong to the application (i.e. belongs to the same servlet context).
The servlet equivalent of the above useBean action is:
getServletContext().setAttribute(”counter”, new foo.Counter());
If the bean was previously created by another JSP or servlet and was placed within the application (servlet) context, the useBean action would then serve to retrieve the object.
The servlet equivalent of retrieving a bean from the application context is:
foo.Counter ctr = (foo.Counter) getServletContext().getAttribute(”counter”);
Make sure your beans belong to a package, and that you are fully qualifying the bean when indicating the value for the class attribute. For example, if your bean abc.class belongs to the package foo, make sure you indicate the value for the class attribute as:
<useBean id=”mybean” class=”foo.abc” scope=”session” />
and not as:
<useBean id=”mybean” class=”abc” scope=”session” />
You can make your JSPs thread-safe by having them implement the SingleThreadModel interface.
This is done by adding the directive
<%@ page isThreadSafe=”false” %>
within your JSP page.
With this, instead of a single instance of the servlet generated for your JSP page loaded in memory, you will have N instances of the servlet loaded and initialized, with the service method of each instance effectively synchronized. You can typically control the number of instances (N) that are instantiated for all servlets implementing SingleThreadModel through the admin screen for your JSP engine.
Yes. However, unlike servlets, you are not required to implement HTTP-protocol specific methods like doGet() or doPost() within your JSP page. You can obtain the data for the FORM input elements via the request implicit object within a scriptlet or expression as:
<%
String item = request.getParameter(”item”);
int howMany = new Integer(request.getParameter(”units”))
.intValue();
%>
or
<%= request.getParameter(”item”) %>
You can use the errorPage attribute of the page directive to have uncaught run-time exceptions automatically forwarded to an error processing page. For example:
<%@ page errorPage=”error.jsp” %>
redirects the browser to the JSP page error.jsp if an uncaught exception is encountered during request processing.
Within error.jsp, if you indicate that it is an error-processing page, via the directive:
<%@ page isErrorPage=”true” %>
the Throwable object describing the exception may be accessed within the error page via the exception implicit object.
Note: You must always use a relative URL as the value for the errorPage attribute.
You cannot override the _jspService() method within a JSP page. You can however, override the jspInit() and jspDestroy() methods within a JSP page. jspInit() can be useful for allocating resources like database connections, network connections, and so forth for the JSP page. It is good programming practice to free any allocated resources within jspDestroy().
The jspInit() and jspDestroy() methods are each executed just once during the lifecycle of a JSP page and are typically declared as JSP declarations:
<%!
public void jspInit() {
. . .
}
%>
<%!
public void jspDestroy() {
. . .
}
%>
Static resources should always be included using the JSP include directive. This way, the inclusion is performed just once during the translation phase. The following example shows the syntax:
<%@ include file=”copyright.html” %>
Do note that you should always supply a relative URL for the file attribute.
Although you can also include static resources using the action, this is not advisable as the inclusion is then performed for each and every request.
You can use “JSP-style” comments to selectively block out code while debugging or simply to comment your scriptlets. JSP comments are not visible at the client.
For example:
<%– the scriptlet is now commented out
<%
out.println(”Hello World”);
%>
–%>
You can also use HTML-style comments anywhere within your JSP page. These comments are visible at the client. For example:
<!– (c)1999 jGuru.com –>
Of course, you can also use comments supported by your JSP scripting language within your scriptlets. For example, assuming Java is the scripting language, you can have:
<%
//some comment
/**
yet another comment
**/
%>
You can use the response implicit object to redirect the browser to a different resource, as:
response.sendRedirect(”http://www.foo.com/path/error.html”);
You can also physically alter the Location HTTP header attribute, as shown below:
<%
response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
String newLocn = “/newpath/index.html”;
response.setHeader(”Location”,newLocn);
%>
You will need to set the appropriate HTTP header attributes to prevent the dynamic content output by the JSP page from being cached by the browser.
Just execute the following scriptlet at the beginning of your JSP pages to prevent them from being cached at the browser. You need both the statements to take care of some of the older browser versions.
<%
response.setHeader(”Cache-Control”,”no-store”); //HTTP 1.1
response.setHeader(”Pragma”,”no-cache”); //HTTP 1.0
response.setDateHeader (”Expires”, 0); //prevents caching at the proxy server %>