package mircoders.servlet;
import java.io.*;
+import java.lang.*;
import java.sql.*;
import java.util.*;
+import java.net.*;
+import java.lang.reflect.*;
import javax.servlet.*;
import javax.servlet.http.*;
import com.oreilly.servlet.multipart.*;
import com.oreilly.servlet.*;
+import org.xml.sax.InputSource;
+import org.xml.sax.XMLReader;
+
+import org.apache.fop.apps.Driver;
+import org.apache.fop.apps.Version;
+import org.apache.fop.apps.XSLTInputHandler;
+
+import org.apache.log.*;
+
import mir.servlet.*;
import mir.module.*;
import mir.misc.*;
import mir.entity.*;
import mir.storage.*;
+import mir.media.*;
import mircoders.entity.*;
import mircoders.storage.*;
public class ServletModuleOpenIndy extends ServletModule
{
- private String commentFormTemplate, commentFormDoneTemplate, commentFormDupeTemplate;
- private String postingFormTemplate, postingFormDoneTemplate;
- private ModuleContent contentModule;
- private ModuleImages imageModule;
- private ModuleTopics themenModule;
- private String directOp ="yes";
-
+ private String commentFormTemplate, commentFormDoneTemplate,
+ commentFormDupeTemplate;
+ private String postingFormTemplate, postingFormDoneTemplate,
+ postingFormDupeTemplate;
+ private ModuleContent contentModule;
+ private ModuleImages imageModule;
+ private ModuleTopics themenModule;
+ private String directOp ="yes";
+ private String passwdProtection ="yes";
// Singelton / Kontruktor
private static ServletModuleOpenIndy instance = new ServletModuleOpenIndy();
public static ServletModule getInstance() { return instance; }
commentFormDupeTemplate = MirConfig.getProp("ServletModule.OpenIndy.CommentDupeTemplate");
postingFormTemplate = MirConfig.getProp("ServletModule.OpenIndy.PostingTemplate");
postingFormDoneTemplate = MirConfig.getProp("ServletModule.OpenIndy.PostingDoneTemplate");
+ postingFormDupeTemplate = MirConfig.getProp("ServletModule.OpenIndy.PostingDupeTemplate");
directOp = MirConfig.getProp("DirectOpenposting").toLowerCase();
+ passwdProtection = MirConfig.getProp("PasswdProtection").toLowerCase();
mainModule = new ModuleComment(DatabaseComment.getInstance());
contentModule = new ModuleContent(DatabaseContent.getInstance());
themenModule = new ModuleTopics(DatabaseTopics.getInstance());
imageModule = new ModuleImages(DatabaseImages.getInstance());
defaultAction="addposting";
+
}
catch (StorageObjectException e) {
theLog.printError("servletmoduleopenindy could not be initialized");
String aid = req.getParameter("aid"); // the article id the comment will belong to
if (aid!=null && !aid.equals(""))
{
- SimpleHash mergeData = new SimpleHash();
- // ok, article
+ SimpleHash mergeData = new SimpleHash();
+
+ // onetimepasswd
+ if(passwdProtection.equals("yes")){
+ String passwd = this.createOneTimePasswd();
+ System.out.println(passwd);
+ HttpSession session = req.getSession(false);
+ session.setAttribute("passwd",passwd);
+ mergeData.put("passwd", passwd);
+ }
+
mergeData.put("aid", aid);
deliver(req, res, mergeData, commentFormTemplate);
}
* the commentDone Page
*/
- public void inscomment(HttpServletRequest req, HttpServletResponse res) throws ServletModuleException
+ public void inscomment(HttpServletRequest req, HttpServletResponse res)
+ throws ServletModuleException,ServletModuleUserException
{
String aid = req.getParameter("to_media"); // the article id the comment will belong to
if (aid!=null && !aid.equals(""))
// ok, collecting data from form
try {
HashMap withValues = getIntersectingValues(req, DatabaseComment.getInstance());
+
+ //no html in comments(for now)
+ for (Iterator i=withValues.keySet().iterator(); i.hasNext(); ){
+ String k=(String)i.next();
+ String v=(String)withValues.get(k);
+
+ withValues.put(k,StringUtil.removeHTMLTags(v));
+ }
withValues.put("is_published","1");
-
- // Dupe detection
- EntityList com = mainModule.getByWhereClause("description='"+req.getParameter("description")+"' AND to_media='"+aid+"' AND creator='"+req.getParameter("creator")+"'", 0);
- if (com.getCount() > 0) {
- theLog.printDebugInfo("Comment dupe dropped for article "+aid);
- deliver(req, res, (TemplateModelRoot) null, commentFormDupeTemplate);
- } else {
-
- // inserting into database
- String id = mainModule.add(withValues);
+
+ //checking the onetimepasswd
+ if(passwdProtection.equals("yes")){
+ HttpSession session = req.getSession(false);
+ String sessionPasswd = (String)session.getAttribute("passwd");
+ if ( sessionPasswd == null){
+ throw new ServletModuleUserException("Lost password");
+ }
+ String passwd = req.getParameter("passwd");
+ if ( passwd == null || (!sessionPasswd.equals(passwd))) {
+ throw new ServletModuleUserException("Missing password");
+ }
+ session.invalidate();
+ }
+
+ // inserting into database
+ String id = mainModule.add(withValues);
+ theLog.printDebugInfo("id: "+id);
+ //insert was not successfull
+ if(id==null){
+ deliver(req, res, new SimpleHash(), commentFormDupeTemplate);
+ }
- // producing new page
- new ProducerContent().handle(null, null, true, false, aid);
+ // producing new page
+ new ProducerContent().handle(null, null, true, false, aid);
- // sync the server
- int exitValue = Helper.rsync();
- theLog.printDebugInfo("rsync:"+exitValue);
+ // sync the server
+ int exitValue = Helper.rsync();
+ theLog.printDebugInfo("rsync:"+exitValue);
- // redirecting to url
- // should implement back to article
- SimpleHash mergeData = new SimpleHash();
- deliver(req, res, mergeData, commentFormDoneTemplate);
- }
+ // redirecting to url
+ // should implement back to article
+ SimpleHash mergeData = new SimpleHash();
+ deliver(req, res, mergeData, commentFormDoneTemplate);
}
catch (StorageObjectException e) { throw new ServletModuleException(e.toString());}
catch (ModuleException e) { throw new ServletModuleException(e.toString());}
* Method for delivering the form-Page for open posting
*/
- public void addposting(HttpServletRequest req, HttpServletResponse res) throws ServletModuleException
- {
+ public void addposting(HttpServletRequest req, HttpServletResponse res)
+ throws ServletModuleException {
SimpleHash mergeData = new SimpleHash();
+
+ // onetimepasswd
+ if(passwdProtection.equals("yes")){
+ String passwd = this.createOneTimePasswd();
+ System.out.println(passwd);
+ HttpSession session = req.getSession(false);
+ session.setAttribute("passwd",passwd);
+ mergeData.put("passwd", passwd);
+ }
+
+ String maxMedia = MirConfig.getProp("ServletModule.OpenIndy.MaxMediaUploadItems");
String numOfMedia = req.getParameter("medianum");
if(numOfMedia==null||numOfMedia.equals("")){
numOfMedia="1";
+ } else if(Integer.parseInt(numOfMedia) > Integer.parseInt(maxMedia)) {
+ numOfMedia = maxMedia;
}
int mediaNum = Integer.parseInt(numOfMedia);
}
mergeData.put("medianum",numOfMedia);
mergeData.put("mediafields",mediaFields);
- mergeData.put("themenPopupData", themenModule.getTopicsAsSimpleList());
- /** @todo popups missing */
+ SimpleHash extraInfo = new SimpleHash();
try{
- mergeData.put("languagePopUpData",DatabaseLanguage.getInstance().getPopupData());
+ SimpleList popUpData = DatabaseLanguage.getInstance().getPopupData();
+ extraInfo.put("languagePopUpData", popUpData );
+ extraInfo.put("themenPopupData", themenModule.getTopicsAsSimpleList());
} catch (Exception e) {
- theLog.printError("languagePopUpData failed");
+ theLog.printError("languagePopUpData or getTopicslist failed "
+ +e.toString());
+ throw new ServletModuleException("OpenIndy -- failed getting language or topics: "+e.toString());
}
- deliver(req, res, mergeData, postingFormTemplate);
+
+ deliver(req, res, mergeData, extraInfo, postingFormTemplate);
}
/**
*/
public void insposting(HttpServletRequest req, HttpServletResponse res)
- throws ServletModuleException
+ throws ServletModuleException, ServletModuleUserException
{
SimpleHash mergeData = new SimpleHash();
boolean setMedia=false;
+ boolean setTopic = false;
try {
WebdbMultipartRequest mp = new WebdbMultipartRequest(req);
HashMap withValues = mp.getParameters();
+
+ //checking the onetimepasswd
+ if(passwdProtection.equals("yes")){
+ HttpSession session = req.getSession(false);
+ String sessionPasswd = (String)session.getAttribute("passwd");
+ if ( sessionPasswd == null){
+ throw new ServletModuleUserException("Lost password");
+ }
+ String passwd = (String)withValues.get("passwd");
+ if ( passwd == null || (!sessionPasswd.equals(passwd))) {
+ throw new ServletModuleUserException("Missing password");
+ }
+ session.invalidate();
+ }
+
+ if ((((String)withValues.get("title")).length() == 0) ||
+ (((String)withValues.get("description")).length() == 0) ||
+ (((String)withValues.get("content_data")).length() == 0))
+ throw new ServletModuleUserException("Missing field");
+
+ // call the routines that escape html
+
+ for (Iterator i=withValues.keySet().iterator(); i.hasNext(); ){
+ String k=(String)i.next();
+ String v=(String)withValues.get(k);
+
+ if (k.equals("content_data")){
+ //this doesn't quite work yet, so for now, all html goes
+ //withValues.put(k,StringUtil.approveHTMLTags(v));
+ //withValues.put(k,StringUtil.removeHTMLTags(v));
+ } else {
+ withValues.put(k,StringUtil.removeHTMLTags(v));
+ }
+
+ }
+
withValues.put("date", StringUtil.date2webdbDate(new GregorianCalendar()));
withValues.put("publish_path", StringUtil.webdbDate2path((String)withValues.get("date")));
withValues.put("is_produced", "0");
- // op-articles are immediatly published
- withValues.put("is_published","1");
+ // op-articles are not immediatly published
+ // we don't know that all is good yet (media, title is present, etc..)
+ withValues.put("is_published","0");
// if op direct article-type == newswire
if (directOp.equals("yes")) withValues.put("to_article_type","1");
// inserting content into database
String cid = contentModule.add(withValues);
+ theLog.printDebugInfo("id: "+cid);
+ //insert was not successfull
+ if(cid==null){
+ //How do we know that it was not succesful cause of a
+ //dupe, what if it failed cause of "No space left on device"?
+ //Or is there something I am missing? Wouldn't it be better
+ //to have an explicit dupe check and then insert? I have no
+ //idea what I am talking about. this comment is in case
+ //I forget to explicitely ask. -mh
+ deliver(req, res, mergeData, postingFormDupeTemplate);
+ }
- String[] to_topicsArr = mp.getParameterValues("to_topic");
- if (to_topicsArr != null && to_topicsArr.length > 0) {
+ String[] to_topicsArr = mp.getParameterValues("to_topic");
+
+ if (to_topicsArr != null && to_topicsArr.length > 0) {
try{
DatabaseContentToTopics.getInstance().setTopics(cid,to_topicsArr);
- theLog.printError("setting content_x_topic success");
+ setTopic = true;
} catch (Exception e) {
theLog.printError("setting content_x_topic failed");
+ contentModule.deleteById(cid);
+ throw new ServletModuleException("smod - openindy :: insposting: setting content_x_topic failed: "+e.toString());
} //end try
} //end if
int i=1;
for(Iterator it = mp.requestList.iterator(); it.hasNext();){
MpRequest mpReq = (MpRequest)it.next();
- byte[] mediaData=mpReq.getMedia();
- String fileName=mpReq.getFilename();
- String contentType=mpReq.getContentType();
- if (mediaData!=null && fileName!=null) {
- HashMap mediaValues = new HashMap();
- mediaValues.put("date", StringUtil.date2webdbDate(new GregorianCalendar()));
- mediaValues.put("to_publisher", "1"); // op user
- mediaValues.put("to_media_folder", "7"); // op media_folder
- mediaValues.put("is_produced", "0");
- mediaValues.put("is_published","1");
-
- String mediaTitle=(String)withValues.get("media_title"+i);
- i++;
- if (mediaTitle==null)
- mediaTitle = (String)withValues.get("title");
- mediaValues.put("title",mediaTitle);
-
- if (fileName.toLowerCase().endsWith("rm")) {
- // this is video !!
- //theLog.printDebugInfo("--GOT VIDEO");
- EntityVideo entVideo = new EntityVideo(DatabaseVideos.getInstance());
- entVideo.setValues(mediaValues);
- mediaId = entVideo.insert();
- entVideo.setVideoData(mediaData);
- }
- else if (contentType.equals("image/jpeg") || contentType.equals("image/gif")) {
- // this is image !!
- mediaId = imageModule.add(mediaValues);
- EntityImage entImage = (EntityImage)imageModule.getById(mediaId);
-
- int fileType = -1;
- if (contentType.equals("image/jpeg")) fileType=0;
- if (contentType.equals("image/gif")) fileType=1;
- if (fileType>=0) {
- entImage.setImage(mediaData, fileType);
- // inserting content and media id in table content_x_media
- try{
- DatabaseContentToMedia.getInstance().addMedia(cid,mediaId);
- theLog.printError("setting content_x_media success");
- } catch (Exception e) {
- theLog.printError("setting content_x_media failed");
- }
-
- // producing new page
- if(mediaId!=null){
- new ProducerImages().handle(null, null, false, false, mediaId);
- }
- } else {
- theLog.printDebugInfo("Wrong file uploaded!" + fileName);
- }
- }
+ String fileName = mpReq.getFilename();
+
+ //get the content-type from what the client browser
+ //sends us. (the "Oreilly method")
+ String contentType = mpReq.getContentType();
+
+ theLog.printInfo("FROM BROWSER: "+contentType);
+
+ //if the client browser sent us unknown (text/plain is default)
+ //or if we got application/octet-stream, it's possible that
+ //the browser is in error, better check against the file extension
+ if (contentType.equals("text/plain") ||
+ contentType.equals("application/octet-stream")) {
+ /**
+ * Fallback to finding the mime-type through the standard ServletApi
+ * ServletContext getMimeType() method.
+ *
+ * This is a way to get the content-type via the .extension,
+ * we could maybe use a magic method as an additional method of
+ * figuring out the content-type, by looking at the header (first
+ * few bytes) of the file. (like the file(1) command). We could
+ * also call the "file" command through Runtime. This is an
+ * option that I almost prefer as it is already implemented and
+ * exists with an up-to-date map on most modern Unix like systems.
+ * I haven't found a really nice implementation of the magic method
+ * in pure java yet.
+ *
+ * The first method we try thought is the "Oreilly method". It
+ * relies on the content-type that the client browser sends and
+ * that sometimes is application-octet stream with
+ * broken/mis-configured browsers.
+ *
+ * The map file we use for the extensions is the standard web-app
+ * deployment descriptor file (web.xml). See Mir's web.xml or see
+ * your Servlet containers (most likely Tomcat) documentation.
+ * So if you support a new media type you have to make sure that
+ * it is in this file -mh
+ */
+ ServletContext ctx =
+ (ServletContext)MirConfig.getPropAsObject("ServletContext");
+ contentType = ctx.getMimeType(fileName);
+ if (contentType==null)
+ contentType = "text/plain"; // rfc1867 says this is the default
+ }
+ HashMap mediaValues = new HashMap();
+
+ theLog.printInfo("CONTENT TYPE IS: "+contentType);
+
+ if (contentType.equals("text/plain") ||
+ contentType.equals("application/octet-stream")) {
+ contentModule.deleteById(cid);
+ _throwBadContentType(fileName, contentType);
+ }
+
+ String mediaTitle=(String)withValues.get("media_title"+i);
+ i++;
+
+ if ((mediaTitle == null) || (mediaTitle.length() == 0))
+ throw new ServletModuleUserException("Missing field");
+ //mediaTitle = (String)withValues.get("title");
+
+ mediaValues.put("title", mediaTitle);
+ mediaValues.put("date", StringUtil.date2webdbDate(new GregorianCalendar()));
+ mediaValues.put("to_publisher", "1"); // op user
+ mediaValues.put("to_media_folder", "7"); // op media_folder
+ mediaValues.put("is_produced", "0");
+ mediaValues.put("is_published","0");
+
+ // @todo this should probably be moved to DatabaseMediaType -mh
+ String[] cTypeSplit = StringUtil.split(contentType, "/");
+ String wc = " mime_type LIKE '"+cTypeSplit[0]+"%'";
+
+ DatabaseMediaType mediaTypeStor = DatabaseMediaType.getInstance();
+ EntityList mediaTypesList = mediaTypeStor.selectByWhereClause(wc);
+
+ String mediaTypeId = null;
+ MirMedia mediaHandler;
+ Database mediaStorage;
+ ProducerMedia mediaProducer;
+
+ //if we didn't find an entry matching the
+ //content-type int the table.
+ if (mediaTypesList.size() == 0) {
+ contentModule.deleteById(cid);
+ _throwBadContentType(fileName, contentType);
+ }
+
+ Entity mediaType = null;
+ Entity mediaType2 = null;
+
+ // find out if we an exact content-type match if so take it.
+ // otherwise try to match majortype/*
+ // @todo this should probably be moved to DatabaseMediaType -mh
+ for(int j=0;j<mediaTypesList.size();j++) {
+ if(contentType.equals(
+ mediaTypesList.elementAt(j).getValue("mime_type")))
+ mediaType = mediaTypesList.elementAt(j);
+ else if ((mediaTypesList.elementAt(j).getValue("mime_type")).equals(
+ cTypeSplit[0]+"/*") )
+ mediaType2= mediaTypesList.elementAt(j);
}
- }
+
+ if ( (mediaType == null) && (mediaType2 == null) ) {
+ contentModule.deleteById(cid);
+ _throwBadContentType(fileName, contentType);
+ }
+ else if( (mediaType == null) && (mediaType2 != null) )
+ mediaType = mediaType2;
+
+ //get the class names from the media_type table.
+ mediaTypeId = mediaType.getId();
+ try {
+ // ############### @todo: merge these and the getURL call into one
+ // getURL helper call that just takes the Entity as a parameter
+ // along with media_type
+ mediaHandler = MediaHelper.getHandler(mediaType);
+ mediaStorage = MediaHelper.getStorage(mediaType,
+ "mircoders.storage.Database");
+ Class prodCls = Class.forName("mircoders.producer.Producer"
+ +mediaType.getValue("tablename"));
+ mediaProducer = (ProducerMedia)prodCls.newInstance();
+ } catch (Exception e) {
+ theLog.printError("getting media handler failed: "+e.toString());
+ contentModule.deleteById(cid);
+ throw new ServletModuleException("getting media handler failed: "
+ +e.toString());
+ }
+
+ mediaValues.put("to_media_type",mediaTypeId);
+
+ //load the classes via reflection
+ String MediaId;
+ Entity mediaEnt = null;
+ try {
+ mediaEnt = (Entity)mediaStorage.getEntityClass().newInstance();
+ mediaEnt.setStorage(mediaStorage);
+ mediaEnt.setValues(mediaValues);
+ mediaId = mediaEnt.insert();
+
+ //save and store the media data/metadata
+ mediaHandler.set(mpReq.getMedia(), mediaEnt,
+ mediaType);
+
+ //were done with mpReq at this point, dereference it.
+ //as it contains mucho mem. -mh 01.10.2001
+ mpReq=null;
+
+ //we got this far, associate the media to the article
+ mediaEnt.setValueForProperty("is_published","1");
+ mediaEnt.update();
+ //produce it
+ mediaProducer.handle(null, null, false, false, mediaId);
+ DatabaseContentToMedia.getInstance().addMedia(cid,mediaId);
+ } catch (Exception e) {
+ theLog.printError("setting media failed: "+e.toString());
+ contentModule.deleteById(cid);
+ throw new ServletModuleException("setting media failed: "
+ +e.toString());
+ }
+
+ } //end for Iterator...
+
+ //if we're here all is ok...
+ EntityContent contentEnt = (EntityContent)contentModule.getById(cid);
+ contentEnt.setValueForProperty("is_published","1");
+ contentEnt.update();
+
+
+ //dereference mp. -mh
+ mp=null;
// producing openpostinglist
new ProducerOpenPosting().handle(null,null,false,false);
//if direct op producing startpage
if (directOp.equals("yes")) new ProducerStartPage().handle(null,null);
-
+ //produce the topicPages if set
+ //should be more intelligent
+ //if(setTopic==true) new ProducerTopics().handle(null,null);
+
// sync the server
//should be configureable
int exitValue = Helper.rsync();
deliver(req, res, mergeData, postingFormDoneTemplate);
}
+/**
+ * Method for dynamically generating a pdf from a fo file
+ */
+
+
+ public void getpdf(HttpServletRequest req, HttpServletResponse res)
+ throws ServletModuleException, ServletModuleUserException {
+ String ID_REQUEST_PARAM = "id";
+
+ String generateFO=MirConfig.getProp("GenerateFO");
+ String generatePDF=MirConfig.getProp("GeneratePDF");
+
+ //don't do anything if we are not making FO files, or if we are pregenerating PDF's
+ if (generateFO.equals("yes") && generatePDF.equals("no")){
+
+ //fop complains unless you do the logging this way
+ Logger log = null;
+ Hierarchy hierarchy = Hierarchy.getDefaultHierarchy();
+ log = hierarchy.getLoggerFor("fop");
+ log.setPriority(Priority.WARN);
+
+ String producerStorageRoot=MirConfig.getProp("Producer.StorageRoot");
+ String producerDocRoot=MirConfig.getProp("Producer.DocRoot");
+ String templateDir = MirConfig.getPropWithHome("HTMLTemplateProcessor.Dir");
+ String xslSheet=templateDir + "/"
+ + MirConfig.getProp("Producer.PrintableContent.html2foStyleSheetName");
+ try {
+ String idParam = req.getParameter(ID_REQUEST_PARAM);
+ if (idParam != null){
+ EntityContent contentEnt = (EntityContent)contentModule.getById(idParam);
+ String publishPath = contentEnt.getValue("publish_path");
+ String foFile = producerStorageRoot + producerDocRoot + "/"
+ + publishPath + "/" + idParam + ".fo";
+ XSLTInputHandler input = new XSLTInputHandler(new File(foFile),
+ new File(xslSheet));
+
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ res.setContentType("application/pdf");
+
+ Driver driver = new Driver();
+ driver.setLogger(log);
+ driver.setRenderer(Driver.RENDER_PDF);
+ driver.setOutputStream(out);
+ driver.render(input.getParser(), input.getInputSource());
+
+ byte[] content = out.toByteArray();
+ res.setContentLength(content.length);
+ res.getOutputStream().write(content);
+ res.getOutputStream().flush();
+ }
+ else {
+ throw new ServletModuleUserException("Can't generate a PDF without an id parameter.");
+ }
+ }
+ catch (Exception ex) {
+ throw new ServletModuleException(ex.toString());
+ }
+ }
+ else {
+ throw new ServletModuleUserException("Can't generate a PDF because the config tells me not to.");
+ }
+ }
+
+ private void _throwBadContentType (String fileName, String contentType)
+ throws ServletModuleUserException {
+
+ theLog.printDebugInfo("Wrong file type uploaded!: " + fileName+" "
+ +contentType);
+ throw new ServletModuleUserException("The file you uploaded is of the "
+ +"following mime-type: "+contentType
+ +", we do not support this mime-type. "
+ +"Error One or more files of unrecognized type. Sorry");
+ }
+
+ protected String createOneTimePasswd(){
+ Random r = new Random();
+ int random = r.nextInt();
+ long l = System.currentTimeMillis();
+ l = (l*l*l*l)/random;
+ if(l<0) l = l * -1;
+ String returnString = ""+l;
+ return returnString.substring(5);
+ }
+
}
+
+