关于enctype="multipart/form-data"及过滤非法字符的问题

益游未尽 2013-11-21 05:15:47
正常表单可以过去 但是带文件的就不能
求高手解决 qq30841197
public class MessageFilter implements Filter {
private FilterConfig config;
private GuoLvService guoLvService;
private List<GuoLv> guoLvs = new ArrayList<GuoLv>();
private Map<String, String> map = new LinkedHashMap<String, String>();
private Set<String> set = new HashSet<String>();

public void destroy() {
this.config = null;

}

public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) arg0;
HttpServletResponse response = (HttpServletResponse) arg1;
request.setCharacterEncoding("GBK");
System.out.println("filter");
String param = "";
String paramValue = "";
boolean isMultipart = ServletFileUpload.isMultipartContent(request);
String s1 = request.getRequestURI();
if (!s1.contains("guolv")) {
guoLvs = guoLvService.findAll();
for (GuoLv g : guoLvs) {
map.put(g.getBefore(), g.getAfter());
}
set = map.keySet();
if (!isMultipart) {
Enumeration<Object> params = request.getParameterNames();
Map<String, String[]> m = new HashMap<String, String[]>(
request.getParameterMap());
while (params.hasMoreElements()) {

param = (String) params.nextElement();
String[] values = request.getParameterValues(param);
System.out.println(param + "" + Arrays.toString(values));
for (int i = 0; i < values.length; i++) {
paramValue = values[i];
//替换
for (String s : set) {
paramValue = paramValue.replaceAll(s, map.get(s));
}

values[i] = paramValue;

}

System.out.println(param + "--------------" + paramValue);
m.put(param, values);

}
request = new ParameterRequestWrapper(request, m);
}
if(isMultipart){
Map<String, String[]> m1 = new HashMap<String, String[]>(
request.getParameterMap());
FileItemFactory factory = new DiskFileItemFactory();
ServletFileUpload upload = new ServletFileUpload(factory);

try {
List items = upload.parseRequest(request);
Iterator iter = items.iterator();
while (iter.hasNext()){
FileItem item = (FileItem) iter.next();
if (item.isFormField()) {
String name = item.getFieldName();
String value =item.getString("gbk");
//out.println(name + "=" + value);
for (String s : set) {
value = value.replaceAll(s, map.get(s));
}
String[] v=new String[]{value};
request.setAttribute(name, value);
m1.put(name, v);
System.out.println(name+"======"+value);
} else{
//文件怎么处理???
}
}
request = new ParameterRequestWrapper(request, m1);
} catch (FileUploadException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}

filterChain.doFilter(request, response);

}

public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
this.config = arg0;
WebApplicationContext wac = WebApplicationContextUtils
.getRequiredWebApplicationContext(config.getServletContext());
guoLvService = (GuoLvService) wac.getBean("guoLvService");

}

}

class ParameterRequestWrapper extends HttpServletRequestWrapper {

private Map<String, String[]> params;
public ParameterRequestWrapper(HttpServletRequest request,
Map<String, String[]> newParams) {
super(request);

this.params = newParams;
}
@Override
public String getParameter(String name) {
String result = "";

Object v = params.get(name);
if (v == null) {
result = null;
} else if (v instanceof String[]) {
String[] strArr = (String[]) v;
if (strArr.length > 0) {
result = strArr[0];
} else {
result = null;
}
} else if (v instanceof String) {
result = (String) v;
} else {
result = v.toString();
}

return result;
}

@Override
public Map getParameterMap() {
return params;
}

@Override
public Enumeration getParameterNames() {
return new Vector(params.keySet()).elements();
}

@Override
public String[] getParameterValues(String name) {
String[] result = null;

Object v = params.get(name);
if (v == null) {
result = null;
} else if (v instanceof String[]) {
result = (String[]) v;
} else if (v instanceof String) {
result = new String[] { (String) v };
} else {
result = new String[] { v.toString() };
}

return result;
}

}
class MultiPartRequestWrapper extends HttpServletRequestWrapper{

public MultiPartRequestWrapper(HttpServletRequest request) {
super(request);
// TODO Auto-generated constructor stub
}

}
...全文
180 1 打赏 收藏 转发到动态 举报
写回复
用AI写文章
1 条回复
切换为时间正序
请发表友善的回复…
发表回复
洋洋宣宣 2013-11-27
  • 打赏
  • 举报
回复
我也在等答案啊

81,090

社区成员

发帖
与我相关
我的任务
社区描述
Java Web 开发
社区管理员
  • Web 开发社区
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告
暂无公告

试试用AI创作助手写篇文章吧