📄 easybs.jsp
字号:
ret.append("!!!! Process has timed out, destroyed !!!!!");
}
try {
Thread.sleep(50);
}
catch (InterruptedException ie) {}
}
}
catch (Exception e) {
ret.append("Error: " + e);
}
return ret.toString();
}
/**
* Converts a dir string to a linked dir string
* @param dir the directory string (e.g. /usr/local/httpd)
* @param browserLink web-path to Browser.jsp
*/
static String dir2linkdir(String dir, String browserLink, int sortMode) {
File f = new File(dir);
StringBuffer buf = new StringBuffer();
while (f.getParentFile() != null) {
if (f.canRead()) {
String encPath = URLEncoder.encode(f.getAbsolutePath());
buf.insert(0, "<a href=\"" + browserLink + "?sort=" + sortMode + "&dir="
+ encPath + "\">" + conv2Html(f.getName()) + File.separator + "</a>");
}
else buf.insert(0, conv2Html(f.getName()) + File.separator);
f = f.getParentFile();
}
if (f.canRead()) {
String encPath = URLEncoder.encode(f.getAbsolutePath());
buf.insert(0, "<a href=\"" + browserLink + "?sort=" + sortMode + "&dir=" + encPath
+ "\">" + conv2Html(f.getAbsolutePath()) + "</a>");
}
else buf.insert(0, f.getAbsolutePath());
return buf.toString();
}
/**
* Returns true if the given filename tends towards a packed file
*/
static boolean isPacked(String name, boolean gz) {
return (name.toLowerCase().endsWith(".zip") || name.toLowerCase().endsWith(".jar")
|| (gz && name.toLowerCase().endsWith(".gz")) || name.toLowerCase()
.endsWith(".war"));
}
/**
* If RESTRICT_BROWSING = true this method checks, whether the path is allowed or not
*/
static boolean isAllowed(File path, boolean write) throws IOException{
if (READ_ONLY && write) return false;
if (RESTRICT_BROWSING) {
StringTokenizer stk = new StringTokenizer(RESTRICT_PATH, ";");
while (stk.hasMoreTokens()){
if (path!=null && path.getCanonicalPath().startsWith(stk.nextToken()))
return RESTRICT_WHITELIST;
}
return !RESTRICT_WHITELIST;
}
else return true;
}
%>
<%
//Get the current browsing directory
request.setAttribute("dir", request.getParameter("dir"));
// The browser_name variable is used to keep track of the URI
// of the jsp file itself. It is used in all link-backs.
final String browser_name = request.getRequestURI();
final String FOL_IMG = "";
boolean nohtml = false;
boolean dir_view = true;
//Get Javascript
if (request.getParameter("Javascript") != null) {
dir_view = false;
nohtml = true;
//Tell the browser that it should cache the javascript
response.setHeader("Cache-Control", "public");
Date now = new Date();
SimpleDateFormat sdf = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss z", Locale.US);
response.setHeader("Expires", sdf.format(new Date(now.getTime() + 1000 * 60 * 60 * 24*2)));
response.setHeader("Content-Type", "text/javascript");
%>
<%// This section contains the Javascript used for interface elements %>
var check = false;
<%// Disables the checkbox feature %>
function dis(){check = true;}
var DOM = 0, MS = 0, OP = 0, b = 0;
<%// Determine the browser type %>
function CheckBrowser(){
if (b == 0){
if (window.opera) OP = 1;
// Moz or Netscape
if(document.getElementById) DOM = 1;
// Micro$oft
if(document.all && !OP) MS = 1;
b = 1;
}
}
<%// Allows the whole row to be selected %>
function selrow (element, i){
var erst;
CheckBrowser();
if ((OP==1)||(MS==1)) erst = element.firstChild.firstChild;
else if (DOM==1) erst = element.firstChild.nextSibling.firstChild;
<%// MouseIn %>
if (i==0){
if (erst.checked == true) element.className='mousechecked';
else element.className='mousein';
}
<%// MouseOut %>
else if (i==1){
if (erst.checked == true) element.className='checked';
else element.className='mouseout';
}
<% // MouseClick %>
else if ((i==2)&&(!check)){
if (erst.checked==true) element.className='mousein';
else element.className='mousechecked';
erst.click();
}
else check=false;
}
<%// Filter files and dirs in FileList%>
function filter (begriff){
var suche = begriff.value.toLowerCase();
var table = document.getElementById("filetable");
var ele;
for (var r = 1; r < table.rows.length; r++){
ele = table.rows[r].cells[1].innerHTML.replace(/<[^>]+>/g,"");
if (ele.toLowerCase().indexOf(suche)>=0 )
table.rows[r].style.display = '';
else table.rows[r].style.display = 'none';
}
}
<%//(De)select all checkboxes%>
function AllFiles(){
for(var x=0;x < document.FileList.elements.length;x++){
var y = document.FileList.elements[x];
var ytr = y.parentNode.parentNode;
var check = document.FileList.selall.checked;
if(y.name == 'selfile' && ytr.style.display != 'none'){
if (y.disabled != true){
y.checked = check;
if (y.checked == true) ytr.className = 'checked';
else ytr.className = 'mouseout';
}
}
}
}
function shortKeyHandler(_event){
if (!_event) _event = window.event;
if (_event.which) {
keycode = _event.which;
} else if (_event.keyCode) {
keycode = _event.keyCode;
}
var t = document.getElementById("text_Dir");
//z
if (keycode == 122){
document.getElementById("but_Zip").click();
}
//r, F2
else if (keycode == 113 || keycode == 114){
var path = prompt("Please enter new filename", "");
if (path == null) return;
t.value = path;
document.getElementById("but_Ren").click();
}
//c
else if (keycode == 99){
var path = prompt("Please enter filename", "");
if (path == null) return;
t.value = path;
document.getElementById("but_NFi").click();
}
//d
else if (keycode == 100){
var path = prompt("Please enter directory name", "");
if (path == null) return;
t.value = path;
document.getElementById("but_NDi").click();
}
//m
else if (keycode == 109){
var path = prompt("Please enter move destination", "");
if (path == null) return;
t.value = path;
document.getElementById("but_Mov").click();
}
//y
else if (keycode == 121){
var path = prompt("Please enter copy destination", "");
if (path == null) return;
t.value = path;
document.getElementById("but_Cop").click();
}
//l
else if (keycode == 108){
document.getElementById("but_Lau").click();
}
//Del
else if (keycode == 46){
document.getElementById("but_Del").click();
}
}
function popUp(URL){
fname = document.getElementsByName("myFile")[0].value;
if (fname != "")
window.open(URL+"?first&uplMonitor="+encodeURIComponent(fname),"","width=400,height=150,resizable=yes,depend=yes")
}
document.onkeypress = shortKeyHandler;
<% }
// View file
else if (request.getParameter("file") != null) {
File f = new File(request.getParameter("file"));
if (!isAllowed(f, false)) {
request.setAttribute("dir", f.getParent());
request.setAttribute("error", "You are not allowed to access "+f.getAbsolutePath());
}
else if (f.exists() && f.canRead()) {
if (isPacked(f.getName(), false)) {
//If zipFile, do nothing here
}
else{
String mimeType = getMimeType(f.getName());
response.setContentType(mimeType);
if (mimeType.equals("text/plain")) response.setHeader(
"Content-Disposition", "inline;filename=\"temp.txt\"");
else response.setHeader("Content-Disposition", "inline;filename=\""
+ f.getName() + "\"");
BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f));
byte buffer[] = new byte[8 * 1024];
out.clearBuffer();
OutputStream out_s = new Writer2Stream(out);
copyStreamsWithoutClose(fileInput, out_s, buffer);
fileInput.close();
out_s.flush();
nohtml = true;
dir_view = false;
}
}
else {
request.setAttribute("dir", f.getParent());
request.setAttribute("error", "File " + f.getAbsolutePath()
+ " does not exist or is not readable on the server");
}
}
// Download selected files as zip file
else if ((request.getParameter("Submit") != null)
&& (request.getParameter("Submit").equals(SAVE_AS_ZIP))) {
Vector v = expandFileList(request.getParameterValues("selfile"), false);
//Check if all files in vector are allowed
String notAllowedFile = null;
for (int i = 0;i < v.size(); i++){
File f = (File) v.get(i);
if (!isAllowed(f, false)){
notAllowedFile = f.getAbsolutePath();
break;
}
}
if (notAllowedFile != null){
request.setAttribute("error", "You are not allowed to access " + notAllowedFile);
}
else if (v.size() == 0) {
request.setAttribute("error", "No files selected");
}
else {
File dir_file = new File("" + request.getAttribute("dir"));
int dir_l = dir_file.getAbsolutePath().length();
response.setContentType("application/zip");
response.setHeader("Content-Disposition", "attachment;filename=\"rename_me.zip\"");
out.clearBuffer();
ZipOutputStream zipout = new ZipOutputStream(new Writer2Stream(out));
zipout.setComment("Created by jsp File Browser v. " + VERSION_NR);
zipout.setLevel(COMPRESSION_LEVEL);
for (int i = 0; i < v.size(); i++) {
File f = (File) v.get(i);
if (f.canRead()) {
zipout.putNextEntry(new ZipEntry(f.getAbsolutePath().substring(dir_l + 1)));
BufferedInputStream fr = new BufferedInputStream(new FileInputStream(f));
byte buffer[] = new byte[0xffff];
copyStreamsWithoutClose(fr, zipout, buffer);
/* int b;
while ((b=fr.read())!=-1) zipout.write(b);*/
fr.close();
zipout.closeEntry();
}
}
zipout.finish();
out.flush();
nohtml = true;
dir_view = false;
}
}
// Download file
else if (request.getParameter("downfile") != null) {
String filePath = request.getParameter("downfile");
File f = new File(filePath);
if (!isAllowed(f, false)){
request.setAttribute("dir", f.getParent());
request.setAttribute("error", "You are not allowed to access " + f.getAbsoluteFile());
}
else if (f.exists() && f.canRead()) {
response.setContentType("application/octet-stream");
response.setHeader("Content-Disposition", "attachment;filename=\"" + f.getName()
+ "\"");
response.setContentLength((int) f.length());
BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f));
byte buffer[] = new byte[8 * 1024];
out.clearBuffer();
OutputStream out_s = new Writer2Stream(out);
copyStreamsWithoutClose(fileInput, out_s, buffer);
fileInput.close();
out_s.flush();
nohtml = true;
dir_view = false;
}
else {
request.setAttribute("dir", f.getParent());
request.setAttribute("error", "File " + f.getAbsolutePath()
+ " does not exist or is not readable on the server");
}
}
if (nohtml) return;
//else
// If no parameter is submitted, it will take the path from jsp file browser
if (request.getAttribute("dir") == null) {
String path = null;
if (application.getRealPath(request.getRequestURI()) != null) {
File f = new File(application.getRealPath(request.getRequestURI())).getParentFile();
//This is a hack needed for tomcat
while (f != null && !f.exists())
f = f.getParentFile();
if (f != null)
path = f.getAbsolutePath();
}
if (path == null) { // handle the case where we are not in a directory (ex: war file)
path = new File(".").getAbsolutePath();
}
//Check path
if (!isAllowed(new File(path), false)){
//TODO Blacklist
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -