public ModelAndView downloadFile(
HttpServletRequest request, HttpServletResponse response, DataObject para) throws Exception {
response.setContentType("application/octet-stream; charset=ISO-8859-1");
StringBuffer contentDisposition = new StringBuffer("\"attachment; filename=\"");
try {
DataObject result = NoticeMngBPO.downloadFile(para);
String fileName = result.getString("fileName", "");
byte[] fileByte = (byte[]) result.getObject("fileByte");
if (fileName.length() > 150) // 解决IE 6.0 bug
{
fileName = new String(fileName.getBytes("GBK"), "ISO-8859-1");
} else {
fileName = URLEncoder.encode(fileName, "UTF-8");
}
contentDisposition.append(fileName);
response.setHeader("Content-disposition", contentDisposition.toString());
OutputStream os = response.getOutputStream();
os.write(fileByte);
} catch (ApplicationException e) {
response.getOutputStream().close();
LogHandler.saveBizLog(request, e.getMessage());
return this.showErrorMessage(e.getMessage());
}
response.getOutputStream().close();
return null;
}
/**
* 登录方法
*
* @author zqr
* @return void
* @param request
* @param response
* @throws AppException
* @date 创建时间 Mar 18, 2010
* @since V1.0
*/
public ModelAndView doLogon(
HttpServletRequest request, HttpServletResponse response, DataObject para)
throws AppException {
try {
Cookie cookie;
CurrentUser user;
DataStore myfunctionDs;
DataStore allFunctionDs;
DataStore functionDs;
DataStore functionButtonList;
DataObject rightObject;
String userid = para.getString(GlobalNames.USERID);
String passwd = para.getString(GlobalNames.PASSWD);
userid = StringUtil.filterDangerString(userid);
passwd = StringUtil.filterDangerString(passwd);
String userLogSign = para.getString("userLogSign");
String passWordLogSign = para.getString("passWordLogSign");
HttpSession session = request.getSession(true);
if (userLogSign.equals("1")) {
cookie = new Cookie("userid", userid);
cookie.setMaxAge(0x93a80);
response.addCookie(cookie);
}
if (passWordLogSign.equals("1")) {
cookie = new Cookie("passwd", passwd);
cookie.setMaxAge(0x93a80);
response.addCookie(cookie);
}
// 校验版本
// if (!LogonUtil.checkFrameWorkVersion()) {
// ActionUtil.writeMessageToResponse(response, "校验系统框架版本信息出错");
// return null;
// }
// if (!LogonUtil.checkAppVersion()) {
// ActionUtil.writeMessageToResponse(response, "校验系统版本信息出错");
// return null;
// }
user = (CurrentUser) session.getAttribute(GlobalNames.CURRENT_USER);
if (user != null) {
String oldUserID = user.getUserid();
if (!userid.equals(oldUserID)) {
ActionUtil.writeMessageToResponse(response, "已经登录了一个其他用户,请先退出再登录该用户");
return null;
}
}
// 校验用户名,密码
userid = userid != null ? userid.trim() : "";
if (userid == null || "".equals(userid)) {
ActionUtil.writeMessageToResponse(response, "用户名不能为空!");
return null;
}
// 校验密码
user = LogonUtil.getUser(userid);
// 20120724 modi by www 记录用户验证错误的次数
String lockInfo = LogonStatusMap.isLock(user.getUserid());
if (!"".equals(lockInfo)) {
ActionUtil.writeMessageToResponse(response, lockInfo);
return null;
}
// 判断密码是否正确
passwd = passwd != null ? passwd.trim() : "";
if (!passwd.equals(user.getPassword())) {
String checkInfo = LogonStatusMap.checkUser(userid); // 记录验证错误的次数
ActionUtil.writeMessageToResponse(response, "您输入的密码不正确," + checkInfo);
return null;
} else {
LogonStatusMap.remove(userid); // 验证通过后删除用户验证错误的记录
}
// 20120724 end modi by www
user.setIp(request.getRemoteAddr());
if (GlobalNames.DEMOMODE.equalsIgnoreCase("true")) { // 10.1.0.73
// 公司内部演示系统使用。
String ip = user.getIp();
// 是否是“10.”ip段的用户
if (!(ip.subSequence(0, 3).equals("10."))) {
ActionUtil.writeMessageToResponse(response, "您所在的ip段不允许登录本系统!");
return null;
}
// 校验是否是外网用户
if (ip.equals("10.1.0.249")) { // 是外网用户
if (!userid.equals("demo")) { // 是否是可以在外网登陆的用户名
ActionUtil.writeMessageToResponse(response, "外网用户请先申请外网账号和密码!");
return null;
}
}
}
// 获取allFuncitonDS,以及functionButtonList;
allFunctionDs =
(DataStore)
request.getSession().getServletContext().getAttribute(GlobalNames.ALL_FUNCTION_LIST);
rightObject = LogonUtil.getFunctionDs(userid, allFunctionDs);
functionDs = rightObject.getDataStore("functionDs");
functionButtonList = rightObject.getDataStore("functionButtonList");
myfunctionDs = LogonUtil.getMyFunctionDs(userid, allFunctionDs);
// 获取json功能列表
String jsonFunctionList = null;
try {
jsonFunctionList = LogonUtil.getJsonFunctionList(functionDs, myfunctionDs);
} catch (JSONException e) {
e.printStackTrace();
}
// 获取用户自定义的jsp模版
Map<String, String> mapUserMode = LogonUtil.getJspMode(userid, user.getJgbh());
// 往session中存值。
String sysNotice = LogonUtil.hasSysNotic(); // 20120723 add by www 获取系统消息
session.setAttribute("sysNotice", sysNotice);
session.setAttribute(GlobalNames.CURRENT_USER, user);
session.setAttribute(
GlobalNames.PAGE_SIZE,
Integer.toString(
ScreenTool.getPageSize(para.getInt("screenHeight"), para.getString("mode"))));
session.setAttribute(
GlobalNames.COUNTPERROW,
Integer.toString(ScreenTool.getCountPerRow(para.getInt("screenWidth"))));
session.setAttribute(
GlobalNames.TABLE_WIDTH,
Integer.toString(ScreenTool.getTableWidth(para.getInt("screenWidth"))));
session.setAttribute("fromProduct", para.getStringPara("fromProduct"));
session.setAttribute(GlobalNames.FUNCTION_LIST, functionDs);
session.setAttribute(GlobalNames.MYFUNCTION_LIST, myfunctionDs);
session.setAttribute(GlobalNames.FUNCTION_BUTTON_LIST, functionButtonList);
session.setAttribute(GlobalNames.PROGRESSBAR_MAP, new HashMap<String, ProgressBar>());
session.setAttribute(GlobalNames.JSP_USER_MAP_NAME, mapUserMode);
session.setAttribute("functionJson", jsonFunctionList);
try {
Delegator.execute(
"com.dareway.framework.log.LogonLogBPO", "logLogon", new DataObject(), user);
} catch (Exception e) {
e.printStackTrace();
}
ActionUtil.writeMessageToResponse(response, "true");
return null;
} catch (ApplicationException e) {
ActionUtil.writeMessageToResponse(response, e.getMessage());
return null;
}
}