X-Git-Url: http://erislabs.net/gitweb/?a=blobdiff_plain;f=source%2Fmircoders%2Fservlet%2FServletModuleOpenIndy.java;h=2ef627cd7d1c19fd727f4781bf40b99943c8e0f5;hb=e8b69a8db51d6e12d789252b36258b27ea5ff7a3;hp=6483ef45b86782966d5261018f6f542d23f45a76;hpb=c03c0edfaadccc3f30ca41bf34c8730776d5250b;p=mir.git diff --git a/source/mircoders/servlet/ServletModuleOpenIndy.java b/source/mircoders/servlet/ServletModuleOpenIndy.java index 6483ef45..2ef627cd 100755 --- a/source/mircoders/servlet/ServletModuleOpenIndy.java +++ b/source/mircoders/servlet/ServletModuleOpenIndy.java @@ -13,6 +13,15 @@ import freemarker.template.*; import com.oreilly.servlet.multipart.*; import com.oreilly.servlet.*; +import org.xml.sax.InputSource; +import org.xml.sax.XMLReader; + +import org.apache.fop.apps.Driver; +import org.apache.fop.apps.Version; +import org.apache.fop.apps.XSLTInputHandler; + +import org.apache.log.*; + import mir.servlet.*; import mir.module.*; import mir.misc.*; @@ -31,7 +40,14 @@ import mircoders.producer.*; * adding comments to articles & * open-postings to the newswire * - * @author RK + * @author $Author: mh $ + * @version $Revision: 1.36 $ $Date: 2002/06/29 15:45:20 $ + * + * $Log: ServletModuleOpenIndy.java,v $ + * Revision 1.36 2002/06/29 15:45:20 mh + * cvs macros + * + * */ public class ServletModuleOpenIndy extends ServletModule @@ -45,7 +61,7 @@ public class ServletModuleOpenIndy extends ServletModule private ModuleImages imageModule; private ModuleTopics themenModule; private String directOp ="yes"; - + private String passwdProtection ="yes"; // Singelton / Kontruktor private static ServletModuleOpenIndy instance = new ServletModuleOpenIndy(); public static ServletModule getInstance() { return instance; } @@ -60,11 +76,13 @@ public class ServletModuleOpenIndy extends ServletModule postingFormDoneTemplate = MirConfig.getProp("ServletModule.OpenIndy.PostingDoneTemplate"); postingFormDupeTemplate = MirConfig.getProp("ServletModule.OpenIndy.PostingDupeTemplate"); directOp = MirConfig.getProp("DirectOpenposting").toLowerCase(); + passwdProtection = MirConfig.getProp("PasswdProtection").toLowerCase(); mainModule = new ModuleComment(DatabaseComment.getInstance()); contentModule = new ModuleContent(DatabaseContent.getInstance()); themenModule = new ModuleTopics(DatabaseTopics.getInstance()); imageModule = new ModuleImages(DatabaseImages.getInstance()); defaultAction="addposting"; + } catch (StorageObjectException e) { theLog.printError("servletmoduleopenindy could not be initialized"); @@ -81,8 +99,17 @@ public class ServletModuleOpenIndy extends ServletModule String aid = req.getParameter("aid"); // the article id the comment will belong to if (aid!=null && !aid.equals("")) { - SimpleHash mergeData = new SimpleHash(); - // ok, article + SimpleHash mergeData = new SimpleHash(); + + // onetimepasswd + if(passwdProtection.equals("yes")){ + String passwd = this.createOneTimePasswd(); + System.out.println(passwd); + HttpSession session = req.getSession(false); + session.setAttribute("passwd",passwd); + mergeData.put("passwd", passwd); + } + mergeData.put("aid", aid); deliver(req, res, mergeData, commentFormTemplate); } @@ -94,7 +121,8 @@ public class ServletModuleOpenIndy extends ServletModule * the commentDone Page */ - public void inscomment(HttpServletRequest req, HttpServletResponse res) throws ServletModuleException + public void inscomment(HttpServletRequest req, HttpServletResponse res) + throws ServletModuleException,ServletModuleUserException { String aid = req.getParameter("to_media"); // the article id the comment will belong to if (aid!=null && !aid.equals("")) @@ -111,7 +139,21 @@ public class ServletModuleOpenIndy extends ServletModule withValues.put(k,StringUtil.removeHTMLTags(v)); } withValues.put("is_published","1"); - + + //checking the onetimepasswd + if(passwdProtection.equals("yes")){ + HttpSession session = req.getSession(false); + String sessionPasswd = (String)session.getAttribute("passwd"); + if ( sessionPasswd == null){ + throw new ServletModuleUserException("Lost password"); + } + String passwd = req.getParameter("passwd"); + if ( passwd == null || (!sessionPasswd.equals(passwd))) { + throw new ServletModuleUserException("Missing password"); + } + session.invalidate(); + } + // inserting into database String id = mainModule.add(withValues); theLog.printDebugInfo("id: "+id); @@ -147,9 +189,22 @@ public class ServletModuleOpenIndy extends ServletModule public void addposting(HttpServletRequest req, HttpServletResponse res) throws ServletModuleException { SimpleHash mergeData = new SimpleHash(); + + // onetimepasswd + if(passwdProtection.equals("yes")){ + String passwd = this.createOneTimePasswd(); + System.out.println(passwd); + HttpSession session = req.getSession(false); + session.setAttribute("passwd",passwd); + mergeData.put("passwd", passwd); + } + + String maxMedia = MirConfig.getProp("ServletModule.OpenIndy.MaxMediaUploadItems"); String numOfMedia = req.getParameter("medianum"); if(numOfMedia==null||numOfMedia.equals("")){ numOfMedia="1"; + } else if(Integer.parseInt(numOfMedia) > Integer.parseInt(maxMedia)) { + numOfMedia = maxMedia; } int mediaNum = Integer.parseInt(numOfMedia); @@ -163,7 +218,6 @@ public class ServletModuleOpenIndy extends ServletModule SimpleHash extraInfo = new SimpleHash(); - /** @todo popups missing */ try{ SimpleList popUpData = DatabaseLanguage.getInstance().getPopupData(); extraInfo.put("languagePopUpData", popUpData ); @@ -172,7 +226,7 @@ public class ServletModuleOpenIndy extends ServletModule theLog.printError("languagePopUpData or getTopicslist failed " +e.toString()); throw new ServletModuleException("OpenIndy -- failed getting language or topics: "+e.toString()); - } + } deliver(req, res, mergeData, extraInfo, postingFormTemplate); } @@ -193,6 +247,20 @@ public class ServletModuleOpenIndy extends ServletModule WebdbMultipartRequest mp = new WebdbMultipartRequest(req); HashMap withValues = mp.getParameters(); + + //checking the onetimepasswd + if(passwdProtection.equals("yes")){ + HttpSession session = req.getSession(false); + String sessionPasswd = (String)session.getAttribute("passwd"); + if ( sessionPasswd == null){ + throw new ServletModuleUserException("Lost password"); + } + String passwd = (String)withValues.get("passwd"); + if ( passwd == null || (!sessionPasswd.equals(passwd))) { + throw new ServletModuleUserException("Missing password"); + } + session.invalidate(); + } if ((((String)withValues.get("title")).length() == 0) || (((String)withValues.get("description")).length() == 0) || @@ -281,7 +349,7 @@ public class ServletModuleOpenIndy extends ServletModule * This is a way to get the content-type via the .extension, * we could maybe use a magic method as an additional method of * figuring out the content-type, by looking at the header (first - * few bytes) of the file. (like the file(1) command). We could + * few bytes) of the file. (like the file(1) command). We could * also call the "file" command through Runtime. This is an * option that I almost prefer as it is already implemented and * exists with an up-to-date map on most modern Unix like systems. @@ -289,14 +357,14 @@ public class ServletModuleOpenIndy extends ServletModule * in pure java yet. * * The first method we try thought is the "Oreilly method". It - * relies on the content-type that the client browser sends and + * relies on the content-type that the client browser sends and * that sometimes is application-octet stream with * broken/mis-configured browsers. * * The map file we use for the extensions is the standard web-app * deployment descriptor file (web.xml). See Mir's web.xml or see * your Servlet containers (most likely Tomcat) documentation. - * So if you support a new media type you have to make sure that + * So if you support a new media type you have to make sure that * it is in this file -mh */ ServletContext ctx = @@ -318,8 +386,9 @@ public class ServletModuleOpenIndy extends ServletModule String mediaTitle=(String)withValues.get("media_title"+i); i++; - if (mediaTitle==null) - mediaTitle = (String)withValues.get("title"); + if ((mediaTitle == null) || (mediaTitle.length() == 0)) + throw new ServletModuleUserException("Missing field"); + //mediaTitle = (String)withValues.get("title"); mediaValues.put("title", mediaTitle); mediaValues.put("date", StringUtil.date2webdbDate(new GregorianCalendar())); @@ -359,8 +428,8 @@ public class ServletModuleOpenIndy extends ServletModule mediaType = mediaTypesList.elementAt(j); else if ((mediaTypesList.elementAt(j).getValue("mime_type")).equals( cTypeSplit[0]+"/*") ) - mediaType2= mediaTypesList.elementAt(j); - } + mediaType2= mediaTypesList.elementAt(j); + } if ( (mediaType == null) && (mediaType2 == null) ) { contentModule.deleteById(cid); @@ -455,6 +524,69 @@ public class ServletModuleOpenIndy extends ServletModule deliver(req, res, mergeData, postingFormDoneTemplate); } +/** + * Method for dynamically generating a pdf from a fo file + */ + + + public void getpdf(HttpServletRequest req, HttpServletResponse res) + throws ServletModuleException, ServletModuleUserException { + String ID_REQUEST_PARAM = "id"; + + String generateFO=MirConfig.getProp("GenerateFO"); + String generatePDF=MirConfig.getProp("GeneratePDF"); + + //don't do anything if we are not making FO files, or if we are pregenerating PDF's + if (generateFO.equals("yes") && generatePDF.equals("no")){ + + //fop complains unless you do the logging this way + Logger log = null; + Hierarchy hierarchy = Hierarchy.getDefaultHierarchy(); + log = hierarchy.getLoggerFor("fop"); + log.setPriority(Priority.WARN); + + String producerStorageRoot=MirConfig.getProp("Producer.StorageRoot"); + String producerDocRoot=MirConfig.getProp("Producer.DocRoot"); + String templateDir = MirConfig.getPropWithHome("HTMLTemplateProcessor.Dir"); + String xslSheet=templateDir + "/" + + MirConfig.getProp("Producer.PrintableContent.html2foStyleSheetName"); + try { + String idParam = req.getParameter(ID_REQUEST_PARAM); + if (idParam != null){ + EntityContent contentEnt = (EntityContent)contentModule.getById(idParam); + String publishPath = contentEnt.getValue("publish_path"); + String foFile = producerStorageRoot + producerDocRoot + "/" + + publishPath + "/" + idParam + ".fo"; + XSLTInputHandler input = new XSLTInputHandler(new File(foFile), + new File(xslSheet)); + + ByteArrayOutputStream out = new ByteArrayOutputStream(); + res.setContentType("application/pdf"); + + Driver driver = new Driver(); + driver.setLogger(log); + driver.setRenderer(Driver.RENDER_PDF); + driver.setOutputStream(out); + driver.render(input.getParser(), input.getInputSource()); + + byte[] content = out.toByteArray(); + res.setContentLength(content.length); + res.getOutputStream().write(content); + res.getOutputStream().flush(); + } + else { + throw new ServletModuleUserException("Can't generate a PDF without an id parameter."); + } + } + catch (Exception ex) { + throw new ServletModuleException(ex.toString()); + } + } + else { + throw new ServletModuleUserException("Can't generate a PDF because the config tells me not to."); + } + } + private void _throwBadContentType (String fileName, String contentType) throws ServletModuleUserException { @@ -465,7 +597,18 @@ public class ServletModuleOpenIndy extends ServletModule +", we do not support this mime-type. " +"Error One or more files of unrecognized type. Sorry"); } + + protected String createOneTimePasswd(){ + Random r = new Random(); + int random = r.nextInt(); + long l = System.currentTimeMillis(); + l = (l*l*l*l)/random; + if(l<0) l = l * -1; + String returnString = ""+l; + return returnString.substring(5); + } } +