jsp文件上传漏洞(jsp实现excel文件上传)
程序员文章站
2023-11-25 10:08:46
在项目中,经常用到的一个功能就是文件的上传和下载,不过大多数情况下都是通用的工具类,自己写的情况较少,这里写个通过spring框架和ajaxfileupload插件实现上传的小功能,做个练习和记录。首...
在项目中,经常用到的一个功能就是文件的上传和下载,不过大多数情况下都是通用的工具类,自己写的情况较少,这里写个通过spring框架和ajaxfileupload插件实现上传的小功能,做个练习和记录。
首先配置下springmvc的配置文件,配置支持文件上传
<!-- 配置multipartresolver 用于文件上传 使用spring的commosmultipartresolver
说明:
p:defaultencoding="utf-8":这里设置默认的文件编码为utf-8,必须与用户jsp的默认编码一致;
p:maxuploadsize="5000000":指定文件上传大小,单位为字节;
p:uploadtempdir="fileupload/temp":文件上传临时目录,上传完成后,就会将临时文件删除;
-->
<bean id="multipartresolver" class="org.springframework.web.multipart.commons.commonsmultipartresolver"
p:defaultencoding="utf-8"
p:maxuploadsize="5000000"
p:uploadtempdir="fileupload/temp"
>
</bean> 然后写个简单的jsp页面,为了方便绑定数据,引入spring自带的form表单标签,引入语句
<%@taglib uri="http://www.springframework.org/tags/form" prefix="form" %> form表单实现一个简单的注册功能,虽然说美感不好,这里还是引用了下bootstrap做了个简单的排版。因为原版的file标签的格式无法调整,所有用了其他的小标签代替,然后用按钮去触发file标签
<%@ page language="java" import="java.util.*" pageencoding="utf-8"%>
<%
string path = request.getcontextpath();
string basepath = request.getscheme()+"://"+request.getservername()+":"+request.getserverport()+path+"/";
request.setattribute("_path", path);
%>
<%@taglib uri="http://www.springframework.org/tags/form" prefix="form" %>
<!doctype html public "-//w3c//dtd html 4.01 transitional//en">
<html>
<head>
<base href="<%=basepath%>">
<title>my jsp 'index.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="this is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
<link rel="stylesheet" href="<%=basepath%>static/css/bootstrap.css"/>
<script type="text/javascript" src="<%=basepath%>static/js/jquery.min.js"></script>
<script type="text/javascript" src="<%=basepath%>static/js/ajaxfileupload.js"></script>
<script type="text/javascript" src="<%=basepath%>static/js/bootstrap.js"></script>
<script type="text/javascript" src="<%=basepath%>static/js/jquery.json-2.4.js" charset="utf-8"></script>
<script type="text/javascript">
var path = "${_path}";
$(function(){
/* 重置form表单功能 */
$("#clean").click(function(){
document.getelementbyid("user").reset();
$("#username").attr("value","");
$("#password").attr("value","");
$("#name").attr("value","");
$("#sex").attr("value","");
$("#file").attr("value","");
});
/* begin 附件上功能 */
$("#choose").click(function(){
$("#fileupload").click();
});
$("#fileupload").change(function(){
$("#file").attr("value",$("#fileupload").val());
$.ajaxfileupload({
type: "post",
url: path+"/fileupload.do",
data:{filename:$("#fileupload").val()},//要传到后台的参数,没有可以不写
secureuri : false,//是否启用安全提交,默认为false
fileelementid:'fileupload',//文件选择框的id属性
datatype: 'json',//服务器返回的格式
async : false,
success: function(mes){
if(mes.message=="ok"){
alert("附件上传成功");
}
if(mes.message=="ng"){
alert("附件上传失败");
}
},
error: function (){
alert("附件上传失败");
}
});
});
/* end 附件上功能 */
});
</script>
</head>
<body>
<div class="container" style="width: 100%" >
<div> </div>
<div class="row">
<div class="col-lg-5 col-md-5 col-sm-5 col-xs-5"></div>
<div class="col-lg-1 col-md-1 col-sm-1 col-xs-1" >注册页面</div>
</div>
<div> </div>
<div class="row">
<form:form commandname="user" action="${_path }/register.do" method="post" enctype="multipart/form-data">
<div class="col-lg-4 col-md-4 col-sm-4 col-xs-4"></div>
<div class="col-lg-1 col-md-1 col-sm-1 col-xs-1" style="text-align:right">账号:</div>
<form:input path="username" type = "text" value = "" class="input-large"/>
<div> </div>
<div class="col-lg-4 col-md-4 col-sm-4 col-xs-4"></div>
<div class="col-lg-1 col-md-1 col-sm-1 col-xs-1" style="text-align:right">密码:</div>
<form:input path="password" type = "password" class="input-large"/>
<div> </div>
<div class="col-lg-4 col-md-4 col-sm-4 col-xs-4"></div>
<div class="col-lg-1 col-md-1 col-sm-1 col-xs-1" style="text-align:right">姓名:</div>
<form:input path="name" type = "text" value = "" class="input-large"/>
<div> </div>
<div class="col-lg-4 col-md-4 col-sm-4 col-xs-4"></div>
<div class="col-lg-1 col-md-1 col-sm-1 col-xs-1" style="text-align:right">性别:</div>
<form:input path="sex" type = "text" value = "" class="input-large"/>
<div> </div>
<div class="col-lg-4 col-md-4 col-sm-4 col-xs-4"></div>
<div class="col-lg-1 col-md-1 col-sm-1 col-xs-1" style="text-align:right">附件:</div>
<input id = "fileupload" name = "fileupload" type = "file" style=" display: none">
<form:input type ="text" class="input-large" path= "file" />
<input id ="choose" type="button" value = "选择" class="btn btn-primary btn-xs"/>
<div> </div>
<div class="col-lg-4 col-md-4 col-sm-4 col-xs-4"></div>
<div class="col-lg-2 col-md-2 col-sm-2 col-xs-2" style="text-align:right">
<input id = "upload" type = "submit" value = "提交" class="btn btn-default btn-sm"/>
<input id ="clean" type="button" value = "清除" class="btn btn-default btn-sm"/>
</div>
</form:form>
</div>
</div>
</body>
</html>
后台页面控制器,因为用了springmvc的form表单,所以在渲染的时候模型中一定要有user这个对象,所以我们用控制器跳转页面
@requestmapping("/login.do")
public string login(@modelattribute("user") user user, model model){
system.out.println("进入");
user.setname("小明");
user.setsex("男");
user.setusername("叶良辰");
model.addattribute("user", user);
return "index";
}这里为了显示springmvc form的自动绑定功能,我给user对象设置了值,在jsp页面,如果form:input标签由path属性和user里的属性一样,会自动设置值
附件的js代码在上面的jsp页面中已经写好了,下面是后台控制的controller,因为我们配置了multipartresolver,所以form表单是设置了enctype=”multipart/form-data,后台一样能直接取出文本值
接受文本框内容的controller
@requestmapping("/register.do")
public string register(@modelattribute("user") user user, model model){
model.addattribute("user", user);
system.out.println(user);
return "index";
}附件上传的controller
@requestmapping("/fileupload.do")
public @responsebody message fileupload(httpservletrequest request,@requestparam("fileupload") multipartfile file,
@requestparam("filename") string filename,@modelattribute("user") user user,model model,message mes){
//简单判断文件是否为空
if(!file.isempty()){
try {
// 文件保存路径
string filepath = request.getsession().getservletcontext().getrealpath("/") + "fileupload/"
+ file.getoriginalfilename();
file.transferto(new file(filepath));
mes.setmessage("ok");
} catch (exception e) {
mes.setmessage("ng");
e.printstacktrace();
}
}
user.setfile(filename);
system.out.println(filename);
model.addattribute("user", user);
system.out.println(user);
return mes;
}