1 package mircoders.servlet;
8 import java.lang.reflect.*;
9 import javax.servlet.*;
10 import javax.servlet.http.*;
12 import freemarker.template.*;
13 import com.oreilly.servlet.multipart.*;
14 import com.oreilly.servlet.*;
23 import mircoders.entity.*;
24 import mircoders.storage.*;
25 import mircoders.module.*;
26 import mircoders.producer.*;
27 import mircoders.global.*;
28 import mircoders.localizer.*;
31 * ServletModuleOpenIndy -
32 * is the open-access-servlet, which is responsible for
33 * adding comments to articles &
34 * open-postings to the newswire
39 public class ServletModuleOpenIndy extends ServletModule
42 private String commentFormTemplate, commentFormDoneTemplate,
43 commentFormDupeTemplate;
44 private String postingFormTemplate, postingFormDoneTemplate,
45 postingFormDupeTemplate;
46 private ModuleContent contentModule;
47 private ModuleImages imageModule;
48 private ModuleTopics themenModule;
49 private String directOp ="yes";
50 private String passwdProtection ="yes";
51 // Singelton / Kontruktor
52 private static ServletModuleOpenIndy instance = new ServletModuleOpenIndy();
53 public static ServletModule getInstance() { return instance; }
55 private ServletModuleOpenIndy() {
57 theLog = Logfile.getInstance(MirConfig.getProp("Home") + MirConfig.getProp("ServletModule.OpenIndy.Logfile"));
58 commentFormTemplate = MirConfig.getProp("ServletModule.OpenIndy.CommentTemplate");
59 commentFormDoneTemplate = MirConfig.getProp("ServletModule.OpenIndy.CommentDoneTemplate");
60 commentFormDupeTemplate = MirConfig.getProp("ServletModule.OpenIndy.CommentDupeTemplate");
61 postingFormTemplate = MirConfig.getProp("ServletModule.OpenIndy.PostingTemplate");
62 postingFormDoneTemplate = MirConfig.getProp("ServletModule.OpenIndy.PostingDoneTemplate");
63 postingFormDupeTemplate = MirConfig.getProp("ServletModule.OpenIndy.PostingDupeTemplate");
64 directOp = MirConfig.getProp("DirectOpenposting").toLowerCase();
65 passwdProtection = MirConfig.getProp("PasswdProtection").toLowerCase();
66 mainModule = new ModuleComment(DatabaseComment.getInstance());
67 contentModule = new ModuleContent(DatabaseContent.getInstance());
68 themenModule = new ModuleTopics(DatabaseTopics.getInstance());
69 imageModule = new ModuleImages(DatabaseImages.getInstance());
70 defaultAction="addposting";
73 catch (StorageObjectException e) {
74 theLog.printError("servletmoduleopenindy could not be initialized");
80 * Method for making a comment
83 public void addcomment(HttpServletRequest req, HttpServletResponse res) throws ServletModuleException
85 String aid = req.getParameter("aid"); // the article id the comment will belong to
86 String language = req.getParameter("language");
88 if (aid!=null && !aid.equals(""))
90 SimpleHash mergeData = new SimpleHash();
93 if(passwdProtection.equals("yes")){
94 String passwd = this.createOneTimePasswd();
95 System.out.println(passwd);
96 HttpSession session = req.getSession(false);
97 session.setAttribute("passwd",passwd);
98 mergeData.put("passwd", passwd);
101 if (language!=null) {
102 HttpSession session = req.getSession(false);
103 session.setAttribute("Locale", new Locale(language, ""));
104 session.setAttribute("passwd",language);
107 mergeData.put("aid", aid);
108 deliver(req, res, mergeData, commentFormTemplate);
110 else throw new ServletModuleException("aid not set!");
114 * Method for inserting a comment into the Database and delivering
115 * the commentDone Page
118 public void inscomment(HttpServletRequest req, HttpServletResponse res)
119 throws ServletModuleException,ServletModuleUserException
121 String aid = req.getParameter("to_media"); // the article id the comment will belong to
122 if (aid!=null && !aid.equals(""))
124 // ok, collecting data from form
126 HashMap withValues = getIntersectingValues(req, DatabaseComment.getInstance());
128 //no html in comments(for now)
129 for (Iterator i=withValues.keySet().iterator(); i.hasNext(); ){
130 String k=(String)i.next();
131 String v=(String)withValues.get(k);
133 withValues.put(k,StringUtil.removeHTMLTags(v));
135 withValues.put("is_published","1");
137 //checking the onetimepasswd
138 if(passwdProtection.equals("yes")){
139 HttpSession session = req.getSession(false);
140 String sessionPasswd = (String)session.getAttribute("passwd");
141 if ( sessionPasswd == null){
142 throw new ServletModuleUserException("Lost password");
144 String passwd = req.getParameter("passwd");
145 if ( passwd == null || (!sessionPasswd.equals(passwd))) {
146 throw new ServletModuleUserException("Missing password");
148 session.invalidate();
151 // inserting into database
152 String id = mainModule.add(withValues);
153 theLog.printDebugInfo("id: "+id);
154 //insert was not successfull
156 deliver(req, res, new SimpleHash(), commentFormDupeTemplate);
159 DatabaseContent.getInstance().setUnproduced("id="+aid);
160 MirGlobal.localizer().openPostings().afterCommentPosting();
164 // redirecting to url
165 // should implement back to article
166 SimpleHash mergeData = new SimpleHash();
167 deliver(req, res, mergeData, commentFormDoneTemplate);
169 catch (StorageObjectException e) { throw new ServletModuleException(e.toString());}
170 catch (ModuleException e) { throw new ServletModuleException(e.toString());}
173 else throw new ServletModuleException("aid not set!");
178 * Method for delivering the form-Page for open posting
181 public void addposting(HttpServletRequest req, HttpServletResponse res)
182 throws ServletModuleException {
183 SimpleHash mergeData = new SimpleHash();
186 if(passwdProtection.equals("yes")){
187 String passwd = this.createOneTimePasswd();
188 System.out.println(passwd);
189 HttpSession session = req.getSession(false);
190 session.setAttribute("passwd",passwd);
191 mergeData.put("passwd", passwd);
194 String maxMedia = MirConfig.getProp("ServletModule.OpenIndy.MaxMediaUploadItems");
195 String numOfMedia = req.getParameter("medianum");
196 if(numOfMedia==null||numOfMedia.equals("")){
198 } else if(Integer.parseInt(numOfMedia) > Integer.parseInt(maxMedia)) {
199 numOfMedia = maxMedia;
202 int mediaNum = Integer.parseInt(numOfMedia);
203 SimpleList mediaFields = new SimpleList();
204 for(int i =0; i<mediaNum;i++){
205 Integer mNum = new Integer(i+1);
206 mediaFields.add(mNum.toString());
208 mergeData.put("medianum",numOfMedia);
209 mergeData.put("mediafields",mediaFields);
212 SimpleHash extraInfo = new SimpleHash();
214 SimpleList popUpData = DatabaseLanguage.getInstance().getPopupData();
215 extraInfo.put("languagePopUpData", popUpData );
216 extraInfo.put("themenPopupData", themenModule.getTopicsAsSimpleList());
218 // ML: Bolivia specific, will move it towards localization
219 extraInfo.put("topics", themenModule.getTopicsList());
220 String defaultCity = req.getParameter("city");
221 if(defaultCity!=null && !defaultCity.equals("")){
222 extraInfo.put("city", defaultCity);
225 } catch (Exception e) {
226 theLog.printError("languagePopUpData or getTopicslist failed "
228 throw new ServletModuleException("OpenIndy -- failed getting language or topics: "+e.toString());
233 deliver(req, res, mergeData, extraInfo, postingFormTemplate);
237 * Method for inserting an open posting into the Database and delivering
238 * the postingDone Page
241 public void insposting(HttpServletRequest req, HttpServletResponse res)
242 throws ServletModuleException, ServletModuleUserException
244 SimpleHash mergeData = new SimpleHash();
245 boolean setMedia=false;
246 boolean setTopic = false;
249 WebdbMultipartRequest mp = new WebdbMultipartRequest(req);
251 HashMap withValues = mp.getParameters();
253 //checking the onetimepasswd
254 if(passwdProtection.equals("yes")){
255 HttpSession session = req.getSession(false);
256 String sessionPasswd = (String)session.getAttribute("passwd");
257 if ( sessionPasswd == null){
258 throw new ServletModuleUserException("Lost password");
260 String passwd = (String)withValues.get("passwd");
261 if ( passwd == null || (!sessionPasswd.equals(passwd))) {
262 throw new ServletModuleUserException("Missing password");
264 session.invalidate();
267 if ((((String)withValues.get("title")).length() == 0) ||
268 (((String)withValues.get("description")).length() == 0) ||
269 (((String)withValues.get("content_data")).length() == 0))
270 throw new ServletModuleUserException("Missing field");
272 // call the routines that escape html
274 for (Iterator i=withValues.keySet().iterator(); i.hasNext(); ){
275 String k=(String)i.next();
276 String v=(String)withValues.get(k);
278 if (k.equals("content_data")){
279 //this doesn't quite work yet, so for now, all html goes
280 //withValues.put(k,StringUtil.approveHTMLTags(v));
281 //withValues.put(k,StringUtil.removeHTMLTags(v));
283 withValues.put(k,StringUtil.removeHTMLTags(v));
288 withValues.put("date", StringUtil.date2webdbDate(new GregorianCalendar()));
289 withValues.put("publish_path", StringUtil.webdbDate2path((String)withValues.get("date")));
290 withValues.put("is_produced", "0");
291 // op-articles are not immediatly published
292 // we don't know that all is good yet (media, title is present, etc..)
293 withValues.put("is_published","0");
294 // if op direct article-type == newswire
295 if (directOp.equals("yes")) withValues.put("to_article_type","1");
297 withValues.put("to_publisher","1");
299 // owner is openposting user
300 // ML: this is not multi-language friendly and this can be done in a template
301 // if (withValues.get("creator").toString().equals(""))
302 // withValues.put("creator","Anonym");
304 // inserting content into database
305 String cid = contentModule.add(withValues);
306 theLog.printDebugInfo("id: "+cid);
307 //insert was not successfull
309 //How do we know that it was not succesful cause of a
310 //dupe, what if it failed cause of "No space left on device"?
311 //Or is there something I am missing? Wouldn't it be better
312 //to have an explicit dupe check and then insert? I have no
313 //idea what I am talking about. this comment is in case
314 //I forget to explicitely ask. -mh
315 deliver(req, res, mergeData, postingFormDupeTemplate);
318 String[] to_topicsArr = mp.getParameterValues("to_topic");
320 if (to_topicsArr != null && to_topicsArr.length > 0) {
322 DatabaseContentToTopics.getInstance().setTopics(cid,to_topicsArr);
324 } catch (Exception e) {
325 theLog.printError("setting content_x_topic failed");
326 contentModule.deleteById(cid);
327 throw new ServletModuleException("smod - openindy :: insposting: setting content_x_topic failed: "+e.toString());
331 // if op contains uploaddata
334 for(Iterator it = mp.requestList.iterator(); it.hasNext();){
335 MpRequest mpReq = (MpRequest)it.next();
336 String fileName = mpReq.getFilename();
338 //get the content-type from what the client browser
339 //sends us. (the "Oreilly method")
340 String contentType = mpReq.getContentType();
342 theLog.printInfo("FROM BROWSER: "+contentType);
344 //if the client browser sent us unknown (text/plain is default)
345 //or if we got application/octet-stream, it's possible that
346 //the browser is in error, better check against the file extension
347 if (contentType.equals("text/plain") ||
348 contentType.equals("application/octet-stream")) {
350 * Fallback to finding the mime-type through the standard ServletApi
351 * ServletContext getMimeType() method.
353 * This is a way to get the content-type via the .extension,
354 * we could maybe use a magic method as an additional method of
355 * figuring out the content-type, by looking at the header (first
356 * few bytes) of the file. (like the file(1) command). We could
357 * also call the "file" command through Runtime. This is an
358 * option that I almost prefer as it is already implemented and
359 * exists with an up-to-date map on most modern Unix like systems.
360 * I haven't found a really nice implementation of the magic method
363 * The first method we try thought is the "Oreilly method". It
364 * relies on the content-type that the client browser sends and
365 * that sometimes is application-octet stream with
366 * broken/mis-configured browsers.
368 * The map file we use for the extensions is the standard web-app
369 * deployment descriptor file (web.xml). See Mir's web.xml or see
370 * your Servlet containers (most likely Tomcat) documentation.
371 * So if you support a new media type you have to make sure that
372 * it is in this file -mh
375 (ServletContext)MirConfig.getPropAsObject("ServletContext");
376 contentType = ctx.getMimeType(fileName);
377 if (contentType==null)
378 contentType = "text/plain"; // rfc1867 says this is the default
380 HashMap mediaValues = new HashMap();
382 theLog.printInfo("CONTENT TYPE IS: "+contentType);
384 if (contentType.equals("text/plain") ||
385 contentType.equals("application/octet-stream")) {
386 contentModule.deleteById(cid);
387 _throwBadContentType(fileName, contentType);
390 String mediaTitle=(String)withValues.get("media_title"+i);
393 if (mediaTitle==null)
394 mediaTitle = (String)withValues.get("title");
396 mediaValues.put("title", mediaTitle);
397 mediaValues.put("date", StringUtil.date2webdbDate(new GregorianCalendar()));
398 mediaValues.put("to_publisher", "1"); // op user
399 mediaValues.put("to_media_folder", "7"); // op media_folder
400 mediaValues.put("is_produced", "0");
401 mediaValues.put("is_published","0");
403 // @todo this should probably be moved to DatabaseMediaType -mh
404 String[] cTypeSplit = StringUtil.split(contentType, "/");
405 String wc = " mime_type LIKE '"+cTypeSplit[0]+"%'";
407 DatabaseMediaType mediaTypeStor = DatabaseMediaType.getInstance();
408 EntityList mediaTypesList = mediaTypeStor.selectByWhereClause(wc);
410 String mediaTypeId = null;
411 MirMedia mediaHandler;
412 Database mediaStorage;
413 // ProducerMedia mediaProducer;
415 //if we didn't find an entry matching the
416 //content-type int the table.
417 if (mediaTypesList.size() == 0) {
418 contentModule.deleteById(cid);
419 _throwBadContentType(fileName, contentType);
422 Entity mediaType = null;
423 Entity mediaType2 = null;
425 // find out if we an exact content-type match if so take it.
426 // otherwise try to match majortype/*
427 // @todo this should probably be moved to DatabaseMediaType -mh
428 for(int j=0;j<mediaTypesList.size();j++) {
429 if(contentType.equals(
430 mediaTypesList.elementAt(j).getValue("mime_type")))
431 mediaType = mediaTypesList.elementAt(j);
432 else if ((mediaTypesList.elementAt(j).getValue("mime_type")).equals(
433 cTypeSplit[0]+"/*") )
434 mediaType2= mediaTypesList.elementAt(j);
437 if ( (mediaType == null) && (mediaType2 == null) ) {
438 contentModule.deleteById(cid);
439 _throwBadContentType(fileName, contentType);
441 else if( (mediaType == null) && (mediaType2 != null) )
442 mediaType = mediaType2;
444 //get the class names from the media_type table.
445 mediaTypeId = mediaType.getId();
447 // ############### @todo: merge these and the getURL call into one
448 // getURL helper call that just takes the Entity as a parameter
449 // along with media_type
450 mediaHandler = MediaHelper.getHandler(mediaType);
451 mediaStorage = MediaHelper.getStorage(mediaType,
452 "mircoders.storage.Database");
453 // Class prodCls = Class.forName("mircoders.producer.Producer"
454 // +mediaType.getValue("tablename"));
455 // mediaProducer = (ProducerMedia)prodCls.newInstance();
456 } catch (Exception e) {
457 theLog.printError("getting media handler failed: "+e.toString());
458 contentModule.deleteById(cid);
459 throw new ServletModuleException("getting media handler failed: "
463 mediaValues.put("to_media_type",mediaTypeId);
465 //load the classes via reflection
467 Entity mediaEnt = null;
469 mediaEnt = (Entity)mediaStorage.getEntityClass().newInstance();
470 mediaEnt.setStorage(mediaStorage);
471 mediaEnt.setValues(mediaValues);
472 mediaId = mediaEnt.insert();
474 //save and store the media data/metadata
475 mediaHandler.set(mpReq.getMedia(), mediaEnt,
478 //were done with mpReq at this point, dereference it.
479 //as it contains mucho mem. -mh 01.10.2001
482 //we got this far, associate the media to the article
483 mediaEnt.setValueForProperty("is_published","1");
486 // mediaProducer.handle(null, null, false, false, mediaId);
487 DatabaseContentToMedia.getInstance().addMedia(cid,mediaId);
488 } catch (Exception e) {
489 theLog.printError("setting media failed: "+e.toString());
490 contentModule.deleteById(cid);
491 throw new ServletModuleException("setting media failed: "
495 } //end for Iterator...
497 //if we're here all is ok...
498 EntityContent contentEnt = (EntityContent)contentModule.getById(cid);
499 contentEnt.setValueForProperty("is_published","1");
503 //dereference mp. -mh
507 MirGlobal.localizer().openPostings().afterContentPosting();
509 catch (IOException e) { throw new ServletModuleException("IOException: "+ e.toString());}
510 catch (StorageObjectException e) { throw new ServletModuleException("StorageObjectException" + e.toString());}
511 catch (ModuleException e) { throw new ServletModuleException("ModuleException"+e.toString());}
513 deliver(req, res, mergeData, postingFormDoneTemplate);
516 private void _throwBadContentType (String fileName, String contentType)
517 throws ServletModuleUserException {
519 theLog.printDebugInfo("Wrong file type uploaded!: " + fileName+" "
521 throw new ServletModuleUserException("The file you uploaded is of the "
522 +"following mime-type: "+contentType
523 +", we do not support this mime-type. "
524 +"Error One or more files of unrecognized type. Sorry");
527 protected String createOneTimePasswd(){
528 Random r = new Random();
529 int random = r.nextInt();
530 long l = System.currentTimeMillis();
531 l = (l*l*l*l)/random;
533 String returnString = ""+l;
534 return returnString.substring(5);