Skip to content

Y
YeeAmosFireAutoSysRoot
Commit 70430423 authored by 张森's avatar 张森
Browse files
Options

漏洞修改

parent cb0c7142
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 174 deletions
YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/controller/FileController.java
View file @ 70430423
...@@ -195,10 +195,12 @@ public class FileController extends BaseController { ...@@ -195,10 +195,12 @@ public class FileController extends BaseController {
String htmlFileName = fileName.substring(0, fileName.indexOf(".")) + ".html"; String htmlFileName = fileName.substring(0, fileName.indexOf(".")) + ".html";
File htmlFile = new File(htmlFileName); File htmlFile = new File(htmlFileName);
WordConverterUtils.wordToHtml(fileName, htmlFileName, readUrl); WordConverterUtils.wordToHtml(fileName, htmlFileName, readUrl);
FileInputStream fis = new FileInputStream(htmlFile); try (
String data = IOUtils.toString(fis, "utf-8"); // "gb2312" FileInputStream fis = new FileInputStream(htmlFile);
fis.close(); ) {
return new CommonResponse(SUCCESS, data, "查询成功"); String data = IOUtils.toString(fis, "utf-8");
return new CommonResponse(SUCCESS, data, "查询成功");
}
} else { } else {
return new CommonResponse(SUCCESS, "访问的文件不存在!", "查询成功"); return new CommonResponse(SUCCESS, "访问的文件不存在!", "查询成功");
} }
......
YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/util/FileUtils.java deleted 100644 → 0
View file @ cb0c7142
package com.yeejoin.amos.fas.business.util;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.List;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
/**
* 文件下载 工具类
*
* @author 郑嘉伟
* @since 2020-08-05
*/
public class FileUtils {
private static final Logger logger = LogManager.getLogger(FileUtils.class);
/**
* 获取压缩好zip——>设置消息头——>输出
* @param response
* @param list
* @param ipUrl
* @throws IOException
*/
public static void downloadZIP(HttpServletResponse response, List<String> list, String ipUrl) throws IOException {
//构建zip
String zipname = "单据相关附件.zip";
String zippath = fileToZip(list, zipname, ipUrl);
OutputStream out = null;
BufferedInputStream br = null;
try {
String fileName = new String(zipname.getBytes(StandardCharsets.UTF_8), StandardCharsets.ISO_8859_1);
br = new BufferedInputStream(Files.newInputStream(Paths.get(zippath)));
byte[] buf = new byte[1024];
int len = 0;
response.reset();
response.setHeader("Content-Type", "application/octet-stream;charset=utf-8");
response.setHeader("Content-Disposition", "attachment; filename=" + fileName);
response.setHeader("Access-Control-Expose-Headers", "access_token");
response.setHeader("Access-Control-Allow-Origin", "*");
response.setContentType("application/zip");
out = response.getOutputStream();
while ((len = br.read(buf)) > 0) {
out.write(buf, 0, len);
out.flush();
}
} catch (Exception ex) {
ex.printStackTrace();
} finally {
if (null != br) {
br.close();
}
if (null != out) {
out.close();
}
}
}
/**
* 通过文件服务器——>获取流——>输出——>压缩
*
* @param list
* @param fileName
* @return
*/
public static String fileToZip(List<String> list, String fileName, String ipUrl) {
if (StringUtils.isBlank(fileName)) {
throw new RuntimeException("文件名不能为空");
}
fileName = FilenameUtils.normalize(fileName);
// 临时目录
String tmpdir = System.getProperty("java.io.tmpdir");
if (StringUtils.isNotBlank(tmpdir) && !tmpdir.endsWith(File.separator)) {
tmpdir += File.separator;
} else if (StringUtils.isBlank(tmpdir)){
tmpdir = "";
}
String path = FilenameUtils.normalize(tmpdir + fileName);
File zipFile = new File(path);
zipFile.deleteOnExit();
try {
zipFile.createNewFile();
} catch (IOException e) {
e.printStackTrace();
}
try (
FileOutputStream fos = new FileOutputStream(zipFile);
BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(fos);
ZipOutputStream zos = new ZipOutputStream(bufferedOutputStream);
) {
byte[] bufs = new byte[1024 * 10];
for (String a : list) {
try (
InputStream fis = getInputStreamFromURL(ipUrl + a)
) {
assert fis != null;
try (BufferedInputStream bis = new BufferedInputStream(fis, 1024 * 10)
) {
String subFileName = new File(ipUrl + a).getName();
//创建ZIP实体,并添加进压缩包
ZipEntry zipEntry = new ZipEntry(subFileName);
zos.putNextEntry(zipEntry);
int read = 0;
while ((read = bis.read(bufs, 0, 1024 * 10)) != -1) {
zos.write(bufs, 0, read);
}
} catch (IOException e) {
e.printStackTrace();
}
} catch (IOException e) {
e.printStackTrace();
}
}
System.out.println("压缩成功");
} catch (FileNotFoundException e) {
e.printStackTrace();
throw new RuntimeException(e);
} catch (IOException e) {
e.printStackTrace();
throw new RuntimeException(e);
}
return path;
}
/**
* 从URL中读取图片,转换成流形式.
*
* @param destUrl
* @return
*/
public static InputStream getInputStreamFromURL(String destUrl) {
HttpURLConnection httpUrl = null;
URL url = null;
InputStream in = null;
try {
url = new URL(destUrl);
httpUrl = (HttpURLConnection) url.openConnection();
httpUrl.connect();
in = httpUrl.getInputStream();
return in;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
}
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment