whycxzp
2022-06-12 279db9aa43c39baddb8a4846fa838a5ce48b0352
只允许index.html访问
2个文件已修改
91 ■■■■ 已修改文件
src/com/fgkj/Filters/LoginFilter.java 56 ●●●●●
src/com/fgkj/Listeners/ApplicationListener.java 35 ●●●●●
src/com/fgkj/Filters/LoginFilter.java
@@ -1,14 +1,11 @@
package com.fgkj.Filters;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -17,6 +14,7 @@
import com.fgkj.dto.User;
import com.fgkj.dto.User_inf;
import com.fgkj.dto.Vip_user;
import org.apache.struts2.ServletActionContext;
public class LoginFilter implements Filter {
@@ -26,16 +24,33 @@
    public void doFilter(ServletRequest req, ServletResponse resp,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request=(HttpServletRequest)req;
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;
        String queryString = request.getQueryString();
        String URL=request.getRequestURI();
        String[] uri=request.getRequestURI().split("/");
        String source=uri[uri.length-1];
        //String URL = request.getRequestURI();
        String servletPath = request.getServletPath();
        /*String realPath = request.getRealPath("/");
        String URL2 = servletPath.substring(1,servletPath.length());
        URL2 = URL2.replace("/",File.separator);
        //List fileList = (List) request.getServletContext().getAttribute("file");
        List fileList = (List) request.getSession().getServletContext().getAttribute("file");
        if(!fileList.contains(realPath+URL2)){
            response.setStatus(302);
            req.getRequestDispatcher("/no_page.html").forward(req,response);
            return;
        }*/
        if(!servletPath.equals("/index.html")){
            response.setStatus(302);
            req.getRequestDispatcher("/no_page.html").forward(req,response);
            return;
        }
        //System.out.println(source);
        ActionUtil.getSession();
        User_inf user=(User_inf)ActionUtil.getSession().getAttribute("user");
        Vip_user vuser=(Vip_user)ActionUtil.getSession().getAttribute("vip");
        User_inf user = (User_inf) ActionUtil.getSession().getAttribute("user");
        Vip_user vuser = (Vip_user) ActionUtil.getSession().getAttribute("vip");
        /*if(source.equals("login.jsp") || source.equals("fuguang") || source.equals("CheckClient.jsp")){
            chain.doFilter(req, resp);        
        }else if(user!=null && !source.equals("navConfig.jsp")){
@@ -49,15 +64,16 @@
            //out.print("<script charset='UTF-8'>alert('"+getText("You are not logged in, please log in")+"');window.location.href='login.jsp'</script>");
        }*/
        //如果是登录操作
        if("login".equals(queryString)) {
            chain.doFilter(req, resp);
        //如果不是登录操作
        }else if(user!=null|vuser!=null){
            chain.doFilter(req, resp);
        }else{
        if ("login".equals(queryString)) {
            chain.doFilter(req, response);
            //如果不是登录操作
        } else if (user != null | vuser != null) {
            chain.doFilter(req, response);
        } else {
            chain.doFilter(req, response);
            //System.out.println("还未登陆请登陆 LoginFilter");
            PrintWriter out=ActionUtil.getOut();
            out.print("<script charset='UTF-8'>window.location.href='index.html?login'</script>");
            //PrintWriter out=ActionUtil.getOut();
            //out.print("<script charset='UTF-8'>window.location.href='index.html?login'</script>");
            //out.print("<script charset='UTF-8'>alert('"+getText("You are not logged in, please log in")+"');window.location.href='login.jsp'</script>");
        }
    }
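Review bot: In the final `else` branch of `doFilter` (no `user` and no `vip` in the session, query string not `login`), the new code calls `chain.doFilter(req, response)` and leaves the redirect to `index.html?login` commented out, so all three branches now pass the request on and the session check no longer gates anything. If this filter is meant to enforce login, replace that call with `response.sendRedirect(request.getContextPath() + "/index.html?login"); return;`. The new `/index.html` allowlist block also calls `response.setStatus(302)` before forwarding to `/no_page.html`, which likely yields a redirect status with no `Location` header; `HttpServletResponse.SC_NOT_FOUND` would describe the outcome better. In the session check, `user != null | vuser != null` would read more conventionally with `||`. Part of `doFilter` lies between the last two hunks and is not visible here.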
src/com/fgkj/Listeners/ApplicationListener.java
@@ -14,9 +14,11 @@
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Properties;
/**
@@ -66,6 +68,10 @@
        //版本迭代需要打补丁,PageParamUser追加字段type,扩展表的使用范围,原来表记录的type字段统一追加为1
        new PageParamUserDao().setOldRecord();
        /*String realPath = servletContextEvent.getServletContext().getRealPath("/");
        //允许的静态文件路径存储
        ArrayList<String> staticFileList = getStaticFilePath(realPath, new File(realPath), new ArrayList<>());
        application.setAttribute("file",staticFileList);*/
    }
    @Override
@@ -85,6 +91,35 @@
    }
    private ArrayList<String> getStaticFilePath(String path, File file, ArrayList<String> list){
        //如果是文件的情况
        if (file.isFile()){
            list.add(file.getAbsolutePath());
        }else{
            //如果是目录的情况
            //创建一个File数组来存储当前目录下所有文件和目录的绝对路径
            File[] files = file.listFiles();
            //循环遍历files
            for (File fileTemp : files){
                if(fileTemp.getName().equals("WEB-INF")){
                    continue;
                }
                //子级是目录
                if (fileTemp.isDirectory()){
                    //递归再次进行判断
                    getStaticFilePath(path,fileTemp, list);
                }else{
                    //子级是文件
                    String absolutePath = fileTemp.getAbsolutePath();
                    list.add(absolutePath);
                    //System.out.println(temp + "文件 :" + fileTemp.getName() + "\t");
                }
            }
        }
        return list;
    }
    class CalculateTimeInUse implements Runnable{
        @Override
        public void run() {
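Review bot: `getStaticFilePath` iterates over `file.listFiles()` without a null check; `listFiles()` returns null when the path is not a directory or an I/O error occurs, so the for-each would throw a `NullPointerException` once the method is called. Add `if (files == null) { return list; }` directly after the `listFiles()` call. The `path` parameter is never read inside the method, and the only caller visible on this page is commented out in the earlier hunk, so the method appears to be dead code as committed. It is worth either wiring it up or leaving it out until the allowlist is enabled.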