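/**
 * Streams the requested backup files to the client as one zip archive.
 *
 * <p>The archive is written directly to the servlet response, so no view name is returned.
 *
 * @param names request-supplied paths of the files to export
 * @param model model used only to render the error page
 * @param request current request
 * @param response response that receives the zip stream
 * @return the error view when validation rejects {@code names}, otherwise {@code null}
 * @throws UnsupportedEncodingException declared by the original signature
 */
  @RequiresPermissions("data:o_export")
  @RequestMapping(value = "/mysql/data/o_export.do")
  public String exportSubmit(
      String[] names, ModelMap model, HttpServletRequest request, HttpServletResponse response)
      throws UnsupportedEncodingException {
    // validate() returning true is treated as a rejection here. Its body is not visible in this
    // listing, and it is the only check between the request parameter and the filesystem paths
    // resolved below.
    // NOTE(review): confirm it rejects null arrays and confines every name to the backup directory.
    if (validate(names, request)) {
      WebErrors errors = WebErrors.create(request);
      errors.addErrorCode(INVALID_PARAM);
      return errors.showErrorPage(model);
    }
    String backName = "back";
    if (names != null && names.length > 0 && names[0] != null) {
      // Derive the download name from the part of the first path that follows the backup
      // directory. Fall back to the default when the marker is absent or nothing follows it,
      // instead of slicing at an unrelated offset or running past the end of the string.
      int markerAt = names[0].indexOf(Constants.BACKUP_PATH);
      int start = markerAt + Constants.BACKUP_PATH.length() + 1;
      if (markerAt >= 0 && start < names[0].length()) {
        backName = names[0].substring(start);
      }
    }
    // The name is request-controlled and ends up in a response header: drop control characters
    // (including CR/LF) and double quotes so it cannot alter the header structure.
    backName = backName.replaceAll("[\\p{Cntrl}\"]", "_");

    List<FileEntry> fileEntrys = new ArrayList<FileEntry>();
    response.setContentType("application/x-download;charset=UTF-8");
    response.addHeader("Content-disposition", "filename=" + backName + ".zip");
    for (String filename : names) {
      File file = new File(realPathResolver.get(filename));
      fileEntrys.add(new FileEntry("", "", file));
    }
    try {
      // Templates are usually edited on Windows, so GBK is the default encoding.
      Zipper.zip(response.getOutputStream(), fileEntrys, "GBK");
    } catch (IOException e) {
      // Headers are already set at this point, so the failure is only logged.
      log.error("export db error!", e);
    }
    return null;
  }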
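 /**
  * Shows the reply to one of the current member's guestbook messages.
  *
  * <p>A message that does not exist, has no owning member, or belongs to someone else gets the
  * same "no permission" answer, so the response does not reveal which ids exist.
  *
  * @param id guestbook message id taken from the request
  * @param nextUrl not used by this handler
  * @param request current request
  * @param response current response
  * @param model view model; receives the {@code guestbook} attribute on success
  * @return the template path, or a message/login/error view
  */
 @RequestMapping(value = "/member/guestbook_replay.jspx")
 public String guestbook_replay(
     Integer id,
     String nextUrl,
     HttpServletRequest request,
     HttpServletResponse response,
     ModelMap model) {
   CmsSite site = CmsUtils.getSite(request);
   CmsUser user = CmsUtils.getUser(request);
   FrontUtils.frontData(request, model, site);
   MemberConfig mcfg = site.getConfig().getMemberConfig();
   // Member feature is switched off for this site.
   if (!mcfg.isMemberOn()) {
     return FrontUtils.showMessage(request, model, "member.memberClose");
   }
   if (user == null) {
     return FrontUtils.showLogin(request, model, site);
   }
   // A missing id or an unknown id must not reach the ownership check as a null dereference.
   CmsGuestbook guestbook = (id == null) ? null : guestbookMng.findById(id);
   // Ownership check: only the member who wrote the message may view its reply.
   if (guestbook == null
       || guestbook.getMember() == null
       || !guestbook.getMember().equals(user)) {
     WebErrors errors = WebErrors.create(request);
     errors.addErrorCode("error.noPermissionsView");
     return FrontUtils.showError(request, response, model, errors);
   }
   model.addAttribute("guestbook", guestbook);
   return FrontUtils.getTplPath(
       request, site.getSolutionPath(), TPLDIR_GUESTBOOK, GUESTBOOK_REPLAY);
 }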
 /**
  * Handles the submitted password/e-mail change form of the logged-in member.
  *
  * <p>NOTE(review): {@code nextUrl} is handed to {@code FrontUtils.showSuccess} as received. What
  * that helper does with it is not visible here; if it redirects or renders a link, confirm the
  * value is restricted to same-site targets.
  *
  * @param origPwd current password, checked before anything is changed
  * @param newPwd new password
  * @param email e-mail address
  * @param nextUrl address of the next page
  * @param request current request
  * @param response current response
  * @param model view model
  * @return the success view, or a message/login/error view
  * @throws IOException declared by the original signature
  */
 @RequestMapping(value = "/member/pwd.jspx", method = RequestMethod.POST)
 public String passwordSubmit(
     String origPwd,
     String newPwd,
     String email,
     String nextUrl,
     HttpServletRequest request,
     HttpServletResponse response,
     ModelMap model)
     throws IOException {
   CmsSite currentSite = CmsUtils.getSite(request);
   CmsUser member = CmsUtils.getUser(request);
   FrontUtils.frontData(request, model, currentSite);
   // Member feature is switched off for this site.
   if (!currentSite.getConfig().getMemberConfig().isMemberOn()) {
     return FrontUtils.showMessage(request, model, "member.memberClose");
   }
   // Anonymous visitors are sent to the login page.
   if (member == null) {
     return FrontUtils.showLogin(request, model, currentSite);
   }
   // The account being changed is always the session user, never an id from the request.
   WebErrors problems =
       validatePasswordSubmit(member.getId(), origPwd, newPwd, email, request);
   if (problems.hasErrors()) {
     return FrontUtils.showError(request, response, model, problems);
   }
   cmsUserMng.updatePwdEmail(member.getId(), newPwd, email);
   return FrontUtils.showSuccess(request, model, nextUrl);
 }
 /**
  * Renders one page of replies for a vote sub-topic.
  *
  * @param subId id of the vote sub-topic; a missing or unknown id yields the error view
  * @param pageNo requested page number, normalised through {@code cpn}
  * @param request current request
  * @param response current response
  * @param model view model; receives {@code subTopic} and {@code pagination}
  * @return the template path, or the error view when no sub-topic is found
  */
 @RequestMapping(value = "/vote_reply_view.jspx", method = RequestMethod.GET)
 public String reply_view(
     Integer subId,
     Integer pageNo,
     HttpServletRequest request,
     HttpServletResponse response,
     ModelMap model) {
   CmsSite currentSite = CmsUtils.getSite(request);
   CmsVoteSubTopic topic = (subId == null) ? null : cmsVoteSubTopicMng.findById(subId);
   // Guard clause: nothing to show without a sub-topic.
   if (topic == null) {
     WebErrors problems = WebErrors.create(request);
     problems.addError("error.vote.novotesubfind");
     return FrontUtils.showError(request, response, model, problems);
   }
   Pagination page =
       cmsVoteReplyMng.getPage(subId, cpn(pageNo), CookieUtils.getPageSize(request));
   model.addAttribute("subTopic", topic);
   model.addAttribute("pagination", page);
   FrontUtils.frontData(request, model, currentSite);
   FrontUtils.frontPageData(request, model);
   return FrontUtils.getTplPath(
       request, currentSite.getSolutionPath(), TPLDIR_SPECIAL, VOTE_REPLY_RESULT);
 }
 /**
  * Deletes a single backup file named by the {@code name} query parameter.
  *
  * <p>NOTE(review): the mapping declares no HTTP method and the target is read from the query
  * string, so a plain GET performs the deletion. Confirm that request-forgery protection is
  * applied elsewhere, or restrict the mapping to POST.
  *
  * <p>NOTE(review): {@code name} is written to the application log and the operation log after
  * passing only {@code validateDelete}; confirm line breaks cannot reach those sinks.
  *
  * @param request current request; supplies the {@code name} query parameter
  * @param model view model
  * @param response current response
  * @return the error page when validation fails, otherwise the backup file listing
  */
 @RequiresPermissions("data:o_delete_single")
 @RequestMapping("/mysql/data/o_delete_single.do")
 public String deleteSingle(
     HttpServletRequest request, ModelMap model, HttpServletResponse response) {
   String name = RequestUtils.getQueryParam(request, "name");
   // The same one-element array is validated and then deleted.
   String[] targets = {name};
   WebErrors problems = validateDelete(targets, request);
   if (problems.hasErrors()) {
     return problems.showErrorPage(model);
   }
   int removed = resourceMng.delete(targets);
   log.info("delete Resource {}, count {}", name, removed);
   cmsLogMng.operating(request, "resource.log.delete", "filename=" + name);
   return listBackUpFiles(model, request, response);
 }
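 /**
  * Validates the backup-file paths submitted for deletion.
  *
  * <p>Every path must contain the backup directory marker and must not contain a parent-directory
  * reference. A null or empty array, and null elements, are reported as errors instead of
  * raising a {@code NullPointerException}.
  *
  * <p>NOTE(review): the directory check is a substring match, so the marker is accepted anywhere
  * in the path. Resolving each name to a canonical path and comparing it with the canonical
  * backup directory would be a stronger confinement check.
  *
  * @param names request-supplied paths
  * @param request current request, used to create the error holder
  * @return the collected errors; empty when every path is acceptable
  */
 private WebErrors validateDelete(String[] names, HttpServletRequest request) {
   WebErrors errors = WebErrors.create(request);
   errors.ifEmpty(names, "names");
   if (names == null || names.length == 0) {
     errors.addErrorCode(INVALID_PARAM);
     // Nothing to iterate; returning here avoids dereferencing a null array below.
     return errors;
   }
   for (String name : names) {
     if (name == null) {
       // Recorded by vldExist in the second pass.
       continue;
     }
     // Keep files outside the backup directory out of reach. Whole path segments are compared
     // as well, so a ".." segment is rejected wherever it appears, including at the very end.
     boolean parentSegment = false;
     for (String segment : name.split("[/\\\\]")) {
       if ("..".equals(segment)) {
         parentSegment = true;
         break;
       }
     }
     if (!name.contains("/WEB-INF/backup/")
         || name.contains("../")
         || name.contains("..\\")
         || parentSegment) {
       errors.addErrorCode(INVALID_PARAM);
     }
   }
   for (String id : names) {
     vldExist(id, errors);
   }
   return errors;
 }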
 /**
  * Renders the voting form for one vote topic.
  *
  * @param voteId id of the vote topic; a missing or unknown id yields the error view
  * @param request current request
  * @param response current response
  * @param model view model; receives the {@code vote} attribute
  * @return the template path, or the error view when no topic is found
  */
 @RequestMapping(value = "/vote.jspx", method = RequestMethod.GET)
 public String input(
     Integer voteId, HttpServletRequest request, HttpServletResponse response, ModelMap model) {
   CmsSite currentSite = CmsUtils.getSite(request);
   CmsVoteTopic topic = (voteId == null) ? null : cmsVoteTopicMng.findById(voteId);
   // Guard clause: nothing to show without a topic.
   if (topic == null) {
     WebErrors problems = WebErrors.create(request);
     problems.addError("error.vote.novotefind");
     return FrontUtils.showError(request, response, model, problems);
   }
   model.addAttribute("vote", topic);
   FrontUtils.frontData(request, model, currentSite);
   return FrontUtils.getTplPath(
       request, currentSite.getSolutionPath(), TPLDIR_SPECIAL, VOTE_INPUT);
 }
 /**
  * Deletes the selected backup files and returns to the backup listing.
  *
  * <p>NOTE(review): the mapping declares no HTTP method, so this destructive action is reachable
  * by GET as well as POST. Confirm that request-forgery protection is applied elsewhere.
  *
  * @param root echoed back into the model under {@code root}; it is not validated here
  * @param names request-supplied paths of the files to delete
  * @param request current request
  * @param model view model
  * @param response current response
  * @return the error page when validation fails, otherwise the backup file listing
  */
 @RequiresPermissions("data:o_delete")
 @RequestMapping("/mysql/data/o_delete.do")
 public String delete(
     String root,
     String[] names,
     HttpServletRequest request,
     ModelMap model,
     HttpServletResponse response) {
   WebErrors problems = validateDelete(names, request);
   if (problems.hasErrors()) {
     return problems.showErrorPage(model);
   }
   int removed = resourceMng.delete(names);
   log.info("delete Resource count: {}", removed);
   // One application-log line and one operation-log entry per deleted file.
   for (int i = 0; i < names.length; i++) {
     String current = names[i];
     log.info("delete Resource name={}", current);
     cmsLogMng.operating(request, "resource.log.delete", "filename=" + current);
   }
   model.addAttribute("root", root);
   return listBackUpFiles(model, request, response);
 }
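 /**
  * Restores a database by executing the SQL stored in a backup file.
  *
  * <p>Both {@code filename} and {@code db} arrive from the request. The file is resolved against
  * the backup directory and must stay inside it; the database name is placed between quoting
  * delimiters in a {@code use} statement and therefore must not contain that delimiter.
  *
  * <p>NOTE(review): the mapping declares no HTTP method, so this action is reachable by GET.
  * Confirm that request-forgery protection is applied elsewhere.
  *
  * @param filename name of the backup file, relative to the backup directory
  * @param db name of the database to restore into
  * @param model view model
  * @param request current request
  * @param response current response
  * @return the error page on invalid input or failure, otherwise the database listing
  * @throws IOException if the backup file cannot be resolved or read
  */
 @RequiresPermissions("data:o_revert")
 @RequestMapping("/mysql/data/o_revert.do")
 public String revert(
     String filename,
     String db,
     ModelMap model,
     HttpServletRequest request,
     HttpServletResponse response)
     throws IOException {
   // Reject missing values, and a database name that contains the delimiter it is wrapped in:
   // such a name would end the quoted identifier early and change the statement.
   boolean invalid =
       filename == null
           || filename.isEmpty()
           || db == null
           || db.isEmpty()
           || db.contains(String.valueOf(SPLIT));
   String backFilePath = null;
   if (!invalid) {
     String backpath = realPathResolver.get(Constants.BACKUP_PATH);
     // Canonical paths collapse ".." segments and links, so the containment test below is made
     // on the file that would really be opened. Fully qualified names avoid a new import.
     java.io.File backupDir = new java.io.File(backpath).getCanonicalFile();
     java.io.File backupFile = new java.io.File(backupDir, filename).getCanonicalFile();
     if (backupFile.equals(backupDir) || !backupFile.toPath().startsWith(backupDir.toPath())) {
       invalid = true;
     } else {
       backFilePath = backupFile.getPath();
     }
   }
   if (invalid) {
     WebErrors errors = WebErrors.create(request);
     errors.addErrorCode("db.revert.error");
     return errors.showErrorPage(model);
   }
   String sql = readFile(backFilePath);
   // The restore does not yet prompt for a backup of the current data first.
   dataBackMng.executeSQL("use " + SPLIT + db + SPLIT + BR);
   dataBackMng.executeSQL(sql);
   // If the active database changed, the JDBC configuration file has to follow.
   try {
     String defaultCatalog = dataBackMng.getDefaultCatalog();
     if (!defaultCatalog.equals(db)) {
       String dbXmlPath = realPathResolver.get(dbXmlFileName);
       dbXml(dbXmlPath, defaultCatalog, db);
     }
   } catch (Exception e) {
     WebErrors errors = WebErrors.create(request);
     errors.addErrorCode("db.revert.error");
     // NOTE(review): the raw exception message is shown on the error page; confirm it cannot
     // expose filesystem paths or connection details to this audience.
     errors.addErrorString(e.getMessage());
     return errors.showErrorPage(model);
   }
   model.addAttribute("msg", "success");
   return listDataBases(model, request, response);
 }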
 /**
  * Validates a password/e-mail change request and verifies the current password.
  *
  * <p>Checks run in order and stop at the first failure: the original password must pass
  * {@code ifBlank}, the new password {@code ifMaxLength}, the e-mail {@code ifNotEmail}, and
  * finally the original password must match the stored one.
  *
  * <p>NOTE(review): the only check applied to {@code newPwd} here is the maximum-length one.
  * Confirm whether an empty value or a minimum strength is handled elsewhere.
  *
  * @param id id of the user whose password is verified
  * @param origPwd current password as typed by the user
  * @param newPwd requested new password
  * @param email requested e-mail address
  * @param request current request, used to create the error holder
  * @return the collected errors; empty when the request is acceptable
  */
 private WebErrors validatePasswordSubmit(
     Integer id, String origPwd, String newPwd, String email, HttpServletRequest request) {
   WebErrors problems = WebErrors.create(request);
   // Short-circuit evaluation keeps the original order and stops at the first failed check.
   boolean formatRejected =
       problems.ifBlank(origPwd, "origPwd", 100)
           || problems.ifMaxLength(newPwd, "newPwd", 100)
           || problems.ifNotEmail(email, "email", 100);
   if (formatRejected) {
     return problems;
   }
   // The stored password is consulted only after the cheap format checks have passed.
   if (!cmsUserMng.isPasswordValid(id, origPwd)) {
     problems.addErrorCode("member.origPwdInvalid");
   }
   return problems;
 }
 /**
  * Records an error when {@code name} is null.
  *
  * <p>Only the null check is performed here; whether the named resource exists is not checked.
  *
  * @param name value to check
  * @param errors error holder that receives the failure
  * @return {@code true} when an error was recorded, {@code false} otherwise
  */
 private boolean vldExist(String name, WebErrors errors) {
   return errors.ifNull(name, "name");
 }