package com.tenwa.lease.util; import java.io.File; import java.io.FileInputStream; import java.io.InputStream; import java.net.URLDecoder; import java.net.URLEncoder; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.commons.codec.binary.Base64; import com.amarsoft.are.ARE; import com.amarsoft.are.util.DataConvert; import sun.misc.BASE64Decoder; public class FileViewServlet extends javax.servlet.http.HttpServlet{ private static final long serialVersionUID = 1L; public FileViewServlet() {} public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, java.io.IOException { try { HttpSession session = request.getSession(true); if ((session == null) || (session.getAttributeNames() == null)) { throw new Exception("------Timeout------"); } String sFileName = ""; String sContentType = "text/html"; String sViewType = "view"; BASE64Decoder de = new BASE64Decoder(); sFileName = URLDecoder.decode(new String(de.decodeBuffer( request.getParameter("filename")), "UTF-8"),"UTF-8"); sContentType = DataConvert.toString(request .getParameter("contenttype")); sViewType = DataConvert.toString(request.getParameter("viewtype")); ARE.getLog().debug( "[FileViewServlet]" + sContentType + ":" + sFileName); if (sFileName.indexOf("../") >= 0) { ARE.getLog().warn("[FileViewServlet-ERR]文件名包含非法参数!"); return; } File dFile = null; dFile = new File(sFileName); if (!dFile.exists()) { ARE.getLog().warn( "[FileViewServlet-ERR]文件不存在:" + sFileName + "!"); String sCon = "文件不存在 !"; ServletOutputStream outStream = response.getOutputStream(); outStream.println(DataConvert.toRealString(3, sCon)); outStream.flush(); outStream.close(); } else { String sNewFileName = com.amarsoft.are.util.StringFunction .getFileName(sFileName); String browName = sNewFileName; String clientInfo = request.getHeader("User-agent"); if (clientInfo != null) { if (clientInfo.indexOf("MSIE") > 0) { if ((clientInfo.indexOf("MSIE 6") > 0) || (clientInfo.indexOf("MSIE 5") > 0)) { browName = new String(sNewFileName.getBytes("GBK"), "ISO-8859-1"); } else { browName = URLEncoder.encode(sNewFileName, "UTF-8"); } } else if (clientInfo.indexOf("Chrome") > 0) { browName = URLEncoder.encode(sNewFileName, "UTF-8"); } else if (clientInfo.indexOf("Firefox") > 0) { browName = new String(sNewFileName.getBytes("UTF-8"), "ISO-8859-1"); }else{ browName = URLEncoder.encode(sNewFileName, "utf-8"); } } response.setContentType(sContentType + ";charset=GBK"); if (sViewType.equals("view")) { response.setHeader("Content-Disposition", "filename=" + browName + ";"); } else { response.setHeader("Content-Disposition", "attachment;filename=" + browName + ";"); } int iContentLength = (int) dFile.length(); if (iContentLength > 0) { ServletOutputStream outStream2 = response.getOutputStream(); InputStream inStream = new FileInputStream(sFileName); if (iContentLength > 102400) iContentLength = 102400; byte[] abyte0 = new byte[iContentLength]; int k = -1; while ((k = inStream.read(abyte0, 0, iContentLength)) != -1) { if (k >= 10240) { ARE.getLog().debug("[FileViewServlet]Read:" + k); } outStream2.write(abyte0, 0, k); } inStream.close(); outStream2.flush(); outStream2.close(); } return; } } catch (Exception e1) { e1 = e1; ARE.getLog().error("[FileViewServlet-ERR]", e1); } finally { } } public String getServletInfo() { return "This is a file view servlet!"; } }