飞机订票系统_Stage2

本文为MyEclipse下创建的一个Web Project

首先是scr目录下的java代码：

action包：

AdminloginAction.java：

package action;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import bean.SelectBean;

/**
* MyEclipse Struts
* Creation date: 05-30-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="error" path="/admin/index.jsp"
* @struts.action-forward name="ok" path="/admin/modifypwd.jsp"
*/
public class AdminloginAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
// TODO Auto-generated method stub
response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String name = request.getParameter("name");
String pwd = request.getParameter("pwd");

String sql = "select * from employee where name='"+name+"' and pwd='"+pwd+"'";
String args[] = {"id","name","pwd","role","priority"};
SelectBean sb = new SelectBean();

ArrayList al = sb.select(args, sql);
String str = "";

if(al == null || al.size() == 0){
str = "error";
request.setAttribute("message", "用户名或密码错误！");
}else{
if(al.get(4).equals("1")){
str = "error";
request.setAttribute("message", "帐户已被管理员禁用！");
}else{
str = "ok";
HttpSession session = request.getSession();
session.setAttribute("adminlogin", al);
}
}
return mapping.findForward(str);
}
}

DanduAction.java:

package action;

import java.io.UnsupportedEncodingException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import bean.InsertUpdateDelBean;

/**
* MyEclipse Struts
* Creation date: 05-30-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="ok" path="/admin/dandu.jsp"
*/
public class DanduAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {

response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String id = request.getParameter("id");
String content = request.getParameter("content");

String sql = "";
InsertUpdateDelBean ib = new InsertUpdateDelBean();
sql = "update dandu set content='"+content+"' where id="+id;
ib.insertANDupdateANDdel(sql);
request.setAttribute("message", "操作成功！");
return mapping.findForward("ok");
}
}

DelAction.java

package action;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

/**
* MyEclipse Struts
* Creation date: 05-31-2019
*
* XDoclet definition:
* @struts.action validate="true"
*/
public class DelAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
// TODO Auto-generated method stub
return null;
}
}

JipiaoAction.java

package action;

import java.io.UnsupportedEncodingException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import bean.InsertUpdateDelBean;

/**
* MyEclipse Struts
* Creation date: 05-30-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="ok" path="/admin/jiapiao_list.jsp"
*/
public class JipiaoAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {

response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String mark = request.getParameter("mark");
String id = request.getParameter("id");
String flightCode = request.getParameter("flightCode");
String airplaneModel = request.getParameter("airplaneModel");
String airways = request.getParameter("airways");
String startPlace = request.getParameter("startPlace");
String destination = request.getParameter("destination");
String qifeitime = request.getParameter("qifeitime");
String daodatime = request.getParameter("daodatime");
String startAerodrome = request.getParameter("startAerodrome");
String targetAerodrome = request.getParameter("targetAerodrome");
String jingji = request.getParameter("jingji");
String jingjisums = request.getParameter("jingjisums");
String jingjizhekou = request.getParameter("jingjizhekou");
String toudeng = request.getParameter("toudeng");
String toudengsums = request.getParameter("toudengsums");
String toudengzhekou = request.getParameter("toudengzhekou");

String sql = "";
String str = "ok";

InsertUpdateDelBean ib = new InsertUpdateDelBean();

if(mark != null && mark.equals("add")){
sql = "insert into jipiao(flightCode,airplaneModel,airways,startPlace,destination,startDate,startTime,arrivalDate,arrivalTime,startAerodrome,targetAerodrome,jingji,jingjisums,jingjizhekou,toudeng,toudengsums,toudengzhekou) values('"+flightCode+"','"+airplaneModel+"','"+airways+"','"+startPlace+"','"+destination+"','"+qifeitime.substring(0,10)+"','"+qifeitime.substring(11,16)+"','"+daodatime.substring(0,10)+"','"+daodatime.substring(11,16)+"','"+startAerodrome+"','"+targetAerodrome+"','"+jingji+"','"+jingjisums+"','"+jingjizhekou+"','"+toudeng+"','"+toudengsums+"','"+toudengzhekou+"')";
}
if(mark != null && mark.equals("update")){
sql = "update jipiao set flightCode='"+flightCode+"',airplaneModel='"+airplaneModel+"',airways='"+airways+"',startPlace='"+startPlace+"',destination='"+destination+"',startDate='"+qifeitime.substring(0,10)+"',startTime='"+qifeitime.substring(11,16)+"',arrivalDate='"+daodatime.substring(0,10)+"',arrivalTime='"+daodatime.substring(11,16)+"',startAerodrome='"+startAerodrome+"',targetAerodrome='"+targetAerodrome+"',jingji='"+jingji+"',jingjisums='"+jingjisums+"',jingjizhekou='"+jingjizhekou+"',toudeng='"+toudeng+"',toudengsums='"+toudengsums+"',toudengzhekou='"+toudengzhekou+"' where id="+id;
}
ib.insertANDupdateANDdel(sql);
request.setAttribute("message", "操作成功！");
return mapping.findForward(str);
}
}

ModifyAdminAction.java

package action;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import bean.InsertUpdateDelBean;

/**
* MyEclipse Struts
* Creation date: 05-30-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="pwd" path="/admin/modifypwd.jsp"
* @struts.action-forward name="error" path="/admin/addadmin.jsp"
* @struts.action-forward name="ok" path="/admin/adminlist.jsp"
*/
public class ModifyadminAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String mark = request.getParameter("mark");


InsertUpdateDelBean ib = new InsertUpdateDelBean();
String sql = "";
String str = "";

HttpSession session = request.getSession();
ArrayList adminlogin = (ArrayList)session.getAttribute("adminlogin");

if(mark != null && mark.equals("password")){
String newpwd = request.getParameter("newpwd");
str = "pwd";
sql = "update employee set pwd='"+newpwd+"' where id="+adminlogin.get(0);
ib.insertANDupdateANDdel(sql);
request.setAttribute("message", "密码修改成功！");
adminlogin.set(2, newpwd);
}
if(mark != null && mark.equals("insert")){
String name = request.getParameter("name");
String pwd = request.getParameter("pwd");
String email = request.getParameter("email");
String mobie = request.getParameter("mobie");
String realName = request.getParameter("realName");
String tel = request.getParameter("tel");
String partment = request.getParameter("partment");
String role = request.getParameter("role");
str = "ok";
sql = "insert into employee(name,pwd,email,mobie,realName,tel,partment,role) values('"+name+"','"+pwd+"','"+email+"','"+mobie+"','"+realName+"','"+tel+"','"+partment+"','"+role+"')";
int flag = ib.insertANDupdateANDdel(sql);
if(flag == -1){
str = "error";
request.setAttribute("message", "用户名重复！");
}else{
request.setAttribute("message", "操作成功！");
}
}
return mapping.findForward(str);
}
}

ModifyOrderAction.java

package action;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import util.Validate;

import bean.InsertUpdateDelBean;

/**
* MyEclipse Struts
* Creation date: 05-31-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="users" path="/users/orders_list.jsp"
* @struts.action-forward name="admin" path="/admin/orders.jsp"
*/
public class ModifyordersAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {

response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String id = request.getParameter("id");
String mark = request.getParameter("mark");
String tply = request.getParameter("tply");
System.out.println(" bookCase******************s***action="+tply);
String zhuangtai = request.getParameter("zhuangtai");
String str = "";
String sql = "";

InsertUpdateDelBean ib = new InsertUpdateDelBean();
if(mark != null && mark.equals("users")){
str = "users";
sql = "update orders set orderState=1 where id="+id;
ib.insertANDupdateANDdel(sql);
}
if(mark != null && mark.equals("quxiao")){
str = "users";
sql = "update orders set orderState=-1 where id="+id;
ib.insertANDupdateANDdel(sql);
}


if(mark != null && mark.equals("tp")){
str = "users";
sql = "update orders set tply='"+tply+"', sftp='已申请退票' where id="+id;
System.out.println(" bookCase******************s***action="+sql);
ib.insertANDupdateANDdel(sql);
}





if(mark != null && mark.equals("admin")){
str = "admin";
HttpSession session = request.getSession();
ArrayList adminlogin = (ArrayList)session.getAttribute("adminlogin");
Validate v = new Validate();
sql = "update orders set orderState="+zhuangtai+",employee="+adminlogin.get(0)+",operatorTime='"+v.getSystemDate().substring(0,10)+"' where id="+id;
ib.insertANDupdateANDdel(sql);
}
request.setAttribute("message", "操作成功！");
return mapping.findForward(str);
}
}

ModifyUserAction.java

package action;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import bean.InsertUpdateDelBean;

/**
* MyEclipse Struts
* Creation date: 05-31-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="zhiliao" path="/users/user_zhiliao.jsp"
* @struts.action-forward name="pwd" path="/users/user_pwd.jsp"
*/
public class ModifyuserAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {

response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String mark = request.getParameter("mark");
String str = "";

String newpwd = request.getParameter("newpwd");
InsertUpdateDelBean ib = new InsertUpdateDelBean();
HttpSession session = request.getSession();
ArrayList userlogin = (ArrayList)session.getAttribute("userlogin");

if(mark != null && mark.equals("userpass")){
str = "pwd";
String sql = "update users set pwd='"+newpwd+"' where id="+userlogin.get(0);
ib.insertANDupdateANDdel(sql);
request.setAttribute("message", "密码修改成功！");
userlogin.set(2, newpwd);
}
if(mark != null && mark.equals("usertext")){
String email = request.getParameter("email");
String city = request.getParameter("city");
String mobie = request.getParameter("mobie");
String tel = request.getParameter("tel");
String address = request.getParameter("address");
String zcode = request.getParameter("zcode");
str = "zhiliao";
String sql = "update users set email='"+email+"',city='"+city+"',mobie='"+mobie+"',tel='"+tel+"',address='"+address+"',zcode='"+zcode+"' where id="+userlogin.get(0);
ib.insertANDupdateANDdel(sql);
request.setAttribute("message", "资料修改成功！");
}

return mapping.findForward(str);
}
}

PriorityAction.java

package action;

import java.io.UnsupportedEncodingException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import bean.InsertUpdateDelBean;

/**
* MyEclipse Struts
* Creation date: 05-30-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="users" path="/admin/yudingche_list.jsp"
* @struts.action-forward name="employee" path="/admin/adminlist.jsp"
*/
public class PriorityAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {

response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String id = request.getParameter("id");
String zhi = request.getParameter("zhi");
String mark = request.getParameter("mark");
String sfty;



if(zhi.equals("0")){
zhi = "1";
sfty="已同意退票";
}else{
zhi = "0";
sfty="不同意退票";
}
String sql;
InsertUpdateDelBean ib = new InsertUpdateDelBean();
if(mark.equals("orders")){
sql = "update "+mark+" set priority='"+zhi+"',sftp='"+sfty+"' where id="+id;
}else{
sql = "update "+mark+" set priority='"+zhi+"' where id="+id;
}

ib.insertANDupdateANDdel(sql);
request.setAttribute("message", "操作成功！");
return mapping.findForward(mark);
}
}

RegAction.java

package action;

import java.io.UnsupportedEncodingException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import bean.InsertUpdateDelBean;

/**
* MyEclipse Struts
* Creation date: 05-31-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="error" path="/users/reg.jsp"
* @struts.action-forward name="ok" path="/users/index.jsp"
*/
public class RegAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {

response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String name = request.getParameter("name");
String pwd = request.getParameter("pwd");
String email = request.getParameter("email");
String city = request.getParameter("city");
String mobie = request.getParameter("mobie");
String realName = request.getParameter("realName");
String tel = request.getParameter("tel");
String address = request.getParameter("address");
String zcode = request.getParameter("zcode");
String str = "ok";
String sql = "insert into users(name,pwd,email,city,mobie,realName,tel,address,zcode) values('"+name+"','"+pwd+"','"+email+"','"+city+"','"+mobie+"','"+realName+"','"+tel+"','"+address+"','"+zcode+"')";
InsertUpdateDelBean ib = new InsertUpdateDelBean();
int flag = ib.insertANDupdateANDdel(sql);
if(flag == -1){
str = "error";
request.setAttribute("message", "用户名重复！");
}else{
request.setAttribute("message", "操作成功！");
}
return mapping.findForward(str);
}
}

RemoveAction.java

package action;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

/**
* MyEclipse Struts
* Creation date: 04-22-2019
*
* XDoclet definition:
* @struts.action validate="true"
*/
public class RemoveAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
// TODO Auto-generated method stub
String mark = request.getParameter("mark");
String str ="";
HttpSession session = request.getSession();
if(mark != null && mark.equals("user")){
session.removeAttribute("userlogin");
str = "userok";
}
if(mark != null && mark.equals("admin")){
session.removeAttribute("adminlogin");
str = "adminok";
}
return mapping.findForward(str);
}
}

UsersloginAction.java

package action;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import bean.SelectBean;

/**
* MyEclipse Struts
* Creation date: 05-31-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="error" path="/users/login.jsp"
* @struts.action-forward name="ok" path="/users/index.jsp"
*/
public class UsersloginAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {

response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String name = request.getParameter("name");
String pwd = request.getParameter("pwd");

String sql = "select * from users where name='"+name+"' and pwd='"+pwd+"'";
String args[] = {"id","name","pwd","priority"};
SelectBean sb = new SelectBean();

ArrayList al = sb.select(args, sql);
String str = "";

if(al == null || al.size() == 0){
str = "error";
request.setAttribute("message", "用户名或密码错误！");
}else{
if(al.get(3).equals("1")){
str = "error";
request.setAttribute("message", "帐户已被管理员禁用！");
}else{
str = "ok";
HttpSession session = request.getSession();
session.setAttribute("userlogin", al);
}
}
return mapping.findForward(str);
}
}

YudingAction.java

package action;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import util.Validate;
import bean.AllBean;
import bean.InsertUpdateDelBean;

/**
* MyEclipse Struts
* Creation date: 05-31-2019
*
* XDoclet definition:
* @struts.action validate="true"
* @struts.action-forward name="ok" path="/users/orders_list.jsp"
*/
public class YudingAction extends Action {
/*
* Generated Methods
*/

/**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {

response.setContentType("text/html;charset=gb2312");
try {
request.setCharacterEncoding("gb2312");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

String id = request.getParameter("id");
String zuoxi = request.getParameter("zuoxi");
String ticketType = request.getParameter("ticketType");
String identityCrad = request.getParameter("identityCrad");
String connector = request.getParameter("connector");
String mobile = request.getParameter("mobile");
String address = request.getParameter("address");
String sums = request.getParameter("sums");
String zhifu = request.getParameter("zhifu");
String orderState = request.getParameter("orderState");
HttpSession session = request.getSession();
ArrayList userlogin = (ArrayList)session.getAttribute("userlogin");
AllBean ab = new AllBean();
ArrayList jipiao = ab.getJipiaoOne(id);
Validate v = new Validate();
int price = 0;
String sumsname = "";
String zuo = "";
int fund = 0;
if(zuoxi != null && zuoxi.equals("jingji")){
price = (int)(Float.parseFloat(jipiao.get(14).toString())*0.1*Integer.parseInt(jipiao.get(12).toString()));
fund = price*Integer.parseInt(sums);
sumsname = "jingjisums";
zuo = "经济舱";
}
if(zuoxi != null && zuoxi.equals("toudeng")){
price = (int)(Float.parseFloat(jipiao.get(17).toString())*0.1*Integer.parseInt(jipiao.get(15).toString()));
fund = price*Integer.parseInt(sums);
sumsname = "toudengsums";
zuo = "头等舱";
}

String sql = "insert into orders(users,jipiao,ticketType,identityCrad,connector,mobile,address,zuo,sums,zhifu,price,fund,orderTime,orderState) values('"+userlogin.get(0)+"','"+id+"','"+ticketType+"','"+identityCrad+"','"+connector+"','"+mobile+"','"+address+"','"+zuo+"','"+sums+"','"+zhifu+"','"+price+"','"+fund+"','"+v.getSystemDate().substring(0,10)+"','"+orderState+"')";
String str = "ok";

InsertUpdateDelBean ib = new InsertUpdateDelBean();

ib.insertANDupdateANDdel(sql);
sql = "update jipiao set "+sumsname+"="+sumsname+"-"+sums+" where id="+id;
ib.insertANDupdateANDdel(sql);
request.setAttribute("message", "操作成功！");

return mapping.findForward(str);
}
}

以下为bean包:

AllBean.java

package bean;

import java.util.ArrayList;

public class AllBean {
SelectBean sb = new SelectBean();
ArrayList al = null;

public ArrayList getDandu(String id){
String sql = "select * from dandu where id="+id;
String args[] = {"id","content"};
al = sb.select(args, sql);
return al;
}

public ArrayList getAdmin(String where){
String sql = "select * from employee "+where+" order by id desc";
String args[] = {"id","name","pwd","email","mobie","realName","tel","partment","role","priority"};
ArrayList al = sb.select(sql, args);
return al;
}

public ArrayList getAdminOne(String id){
String sql = "select * from employee where id="+id;
String args[] = {"id","name","pwd","email","mobie","realName","tel","partment","role","priority"};
ArrayList al = sb.select(args, sql);
return al;
}

public ArrayList getJipiao(String where){
String sql = "select * from jipiao "+where+" order by id desc";
String args[] = {"id","flightCode","airplaneModel","airways","startPlace","destination","startDate","startTime","arrivalDate","arrivalTime","startAerodrome","targetAerodrome","jingji","jingjisums","jingjizhekou","toudeng","toudengsums","toudengzhekou"};
ArrayList al = sb.select(sql, args);
return al;
}

public ArrayList getJipiaoOne(String id){
String sql = "select * from jipiao where id="+id;
String args[] = {"id","flightCode","airplaneModel","airways","startPlace","destination","startDate","startTime","arrivalDate","arrivalTime","startAerodrome","targetAerodrome","jingji","jingjisums","jingjizhekou","toudeng","toudengsums","toudengzhekou"};
ArrayList al = sb.select(args, sql);
return al;
}

public ArrayList getHangbanType(){
String sql = "select airplaneModel from jipiao group by airplaneModel";
String args[] = {"airplaneModel"};
ArrayList al = sb.select(sql, args);
return al;
}

public ArrayList getUser(String where){
String sql = "select * from users "+where+" order by id desc";
String args[] = {"id","name","pwd","email","city","mobie","realName","tel","address","zcode","priority"};
al = sb.select(sql, args);
return al;
}

public ArrayList getUserOne(String id){
String sql = "select * from users where id="+id;
String args[] = {"id","name","pwd","email","city","mobie","realName","tel","address","zcode","priority"};
al = sb.select(args, sql);
return al;
}

public ArrayList getOrders(String where){
String sql = "select * from orders "+where+" order by id desc";
System.out.println(" bookCase******************s***action="+sql);
String args[] = {"id","users","jipiao","ticketType","identityCrad","connector","mobile","address","zuo","sums","zhifu","price","fund","orderTime","orderState","employee","operatorTime","sftp","tply","priority"};
al = sb.select(sql, args);
return al;
}

public ArrayList getOrdersOne(String id){
String sql = "select * from orders where id="+id;
String args[] = {"id","users","jipiao","ticketType","identityCrad","connector","mobile","address","zuo","sums","zhifu","price","fund","orderTime","orderState","employee","operatorTime"};
al = sb.select(args, sql);
return al;
}
}

InsertUpdateDelBean.java

package bean;

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;

import util.DBConn;

public class InsertUpdateDelBean {

Connection conn = null;
Statement st = null;
ResultSet rs = null;

public int insertANDupdateANDdel(String sql){
int temp = 0;
conn = DBConn.getConn();

try {
st = conn.createStatement();
temp = st.executeUpdate(sql);
} catch (SQLException e) {
// TODO 自动生成 catch 块
e.printStackTrace();
temp = -1;
} finally{
DBConn.close(conn,st,rs);
}

return temp;
}

}

SelectBean.java

package bean;

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import util.DBConn;

public class SelectBean {

Connection conn = null;
Statement st = null;
ResultSet rs = null;
/**
*
* @param sql
* @param args
* @return ArrayList
* @获取多条信息
*/
public ArrayList select(String sql,String[] args){
ArrayList al = new ArrayList();
conn = DBConn.getConn();
try {
st = conn.createStatement();
rs = st.executeQuery(sql);
while(rs.next()){
ArrayList alRow = new ArrayList();
for(int i = 0;i < args.length;i++){
alRow.add(rs.getString(args[i]));
}
al.add(alRow);
}
} catch (SQLException e) {
// TODO 自动生成 catch 块
e.printStackTrace();
} finally{
DBConn.close(conn,st,rs);
}
return al;
}

/**
*
* @param sql
* @param args
* @return ArrayList
* @获取一条信息
*/
public ArrayList select(String[] args,String sql){
ArrayList al = new ArrayList();
conn = DBConn.getConn();
try {
st = conn.createStatement();
rs = st.executeQuery(sql);
rs.next();
for(int i = 0;i < args.length;i++){
al.add(rs.getString(args[i]));
}
} catch (SQLException e) {
// TODO 自动生成 catch 块
} finally{
DBConn.close(conn,st,rs);
}
return al;
}
}

以下为hibernate包:

HiBernataSessionFact.java

package hibernate;

import org.hibernate.HibernateException;
import org.hibernate.Session;
import org.hibernate.cfg.Configuration;

/**
* Configures and provides access to Hibernate sessions, tied to the
* current thread of execution. Follows the Thread Local Session
* pattern, see {@link http://hibernate.org/42.html }.
*/
public class HibernateSessionFactory {

/**
* Location of hibernate.cfg.xml file.
* Location should be on the classpath as Hibernate uses
* #resourceAsStream style lookup for its configuration file.
* The default classpath location of the hibernate config file is
* in the default package. Use #setConfigFile() to update
* the location of the configuration file for the current session.
*/
private static String CONFIG_FILE_LOCATION = "/hibernate/hibernate.cfg.xml";
private static final ThreadLocal<Session> threadLocal = new ThreadLocal<Session>();
private static Configuration configuration = new Configuration();
private static org.hibernate.SessionFactory sessionFactory;
private static String configFile = CONFIG_FILE_LOCATION;

static {
try {
configuration.configure(configFile);
sessionFactory = configuration.buildSessionFactory();
} catch (Exception e) {
System.err
.println("%%%% Error Creating SessionFactory %%%%");
e.printStackTrace();
}
}
private HibernateSessionFactory() {
}

/**
* Returns the ThreadLocal Session instance. Lazy initialize
* the <code>SessionFactory</code> if needed.
*
* @return Session
* @throws HibernateException
*/
public static Session getSession() throws HibernateException {
Session session = (Session) threadLocal.get();

if (session == null || !session.isOpen()) {
if (sessionFactory == null) {
rebuildSessionFactory();
}
session = (sessionFactory != null) ? sessionFactory.openSession()
: null;
threadLocal.set(session);
}

return session;
}

/**
* Rebuild hibernate session factory
*
*/
public static void rebuildSessionFactory() {
try {
configuration.configure(configFile);
sessionFactory = configuration.buildSessionFactory();
} catch (Exception e) {
System.err
.println("%%%% Error Creating SessionFactory %%%%");
e.printStackTrace();
}
}

/**
* Close the single hibernate session instance.
*
* @throws HibernateException
*/
public static void closeSession() throws HibernateException {
Session session = (Session) threadLocal.get();
threadLocal.set(null);

if (session != null) {
session.close();
}
}

/**
* return session factory
*
*/
public static org.hibernate.SessionFactory getSessionFactory() {
return sessionFactory;
}

/**
* return session factory
*
* session factory will be rebuilded in the next call
*/
public static void setConfigFile(String configFile) {
HibernateSessionFactory.configFile = configFile;
sessionFactory = null;
}

/**
* return hibernate configuration
*
*/
public static Configuration getConfiguration() {
return configuration;
}

以下为until包:

BDConn.java

package util;

import java.sql.*;
public class DBConn {
static{
try{
// Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver");
Class.forName("com.mysql.jdbc.Driver");
// Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
}catch(Exception ex){
ex.printStackTrace();
}

}

public static Connection getConn(){
try{
// Connection conn=DriverManager.getConnection("jdbc:microsoft:sqlserver://localhost:1433;databasename=kxlcw","sa","123");
Connection conn = DriverManager.getConnection("jdbc:mysql://localhost/xcjpyd","root","123456");
// Connection conn=DriverManager.getConnection("jdbc:odbc:temp");
return conn;
}catch(Exception ex){
ex.printStackTrace();
return null;
}
}
public static void close(Connection conn,Statement st,ResultSet rs){
if(rs!=null){
try{
rs.close();
}catch(SQLException ex){
}
}
if(st!=null){
try {
st.close();
}catch(Exception ex){
}
}
if(conn!=null){
try{
conn.close();
}catch(Exception ex){
}
}
}

}

Validate.java

package util;

import java.io.UnsupportedEncodingException;
import java.text.SimpleDateFormat;
import java.util.Date;

public class Validate {

/**
* 是否为数字和英文验证
*
*/
public int getIntAndChar(String str){
char c;
int i;
for (i = 0; i<str.length(); i++){
c = str.charAt(i);
if(!((c>='0' && c<='9') || (c>='a' && c<='z') || (c>='A' && c<='Z'))){
break;
}
}//判断字符是否在某个区间
if(i < str.length()){
return -1;
}else{
return 0;
}
}

/**
* 是否为整数验证
*
*/
public int getInt(String str){
char c;
int i;
for (i = 0; i<str.length(); i++){
c = str.charAt(i);
if(!(c>='0' && c<='9')){
break;
}
}//判断字符是否在某个区间
if(i < str.length()){
return -1;
}else{
return 0;
}
}

/**
* 是否为非法字符验证
*
*/
public boolean getLawlessChar(String str){
boolean flag = false;
char c;
for(int i = 0;i < str.length();i++){
c = str.charAt(i);
switch(c){
case '<' : flag = true; break;
case '>' : flag = true; break;
case '"' : flag = true; break;
case '&' : flag = true; break;
case ' ' : flag = true; break;
}
}
return flag;
}

/**
* 中文转换
* 将gb2312编码转换成unicode编码
*/
public String getUnicode(String str) {
if(str != null){
try {
return new String(str.getBytes("iso8859_1"),"gb2312");
} catch (UnsupportedEncodingException e) {
// TODO 自动生成 catch 块
e.printStackTrace();
return str;
}
}else{
return null;
}
}

/**
* 中文转换
* 将unicode编码转换成gb2312编码
*/
public String getGb2312(String str) {
if(str != null){
try {
return new String(str.getBytes("gb2312"),"iso8859_1");
} catch (UnsupportedEncodingException e) {
// TODO 自动生成 catch 块
e.printStackTrace();
return str;
}
}else{
return null;
}
}

/**
* 格式化日期 年-月-日 小时（0-23）:分钟:秒
*/
public String getSystemDate(){
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
Date date = new Date();
return df.format(date);
}

/**
* 四舍五入
*/
public float getRround(float f){
int tem = (int)(f*100+0.5);
float ff = ((float)tem/100);
return ff;
}

/**
* 计算两个日期的天数差
*/
public int getDateDifference(String str1,String str2){
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd");
Date firstDate = null;
Date secondDate = null;
try {
firstDate = df.parse(str1);
secondDate = df.parse(str2);
}
catch(Exception e) {
// 日期型字符串格式错误
}
int nDay = (int)((secondDate.getTime()-firstDate.getTime())/(24*60*60*1000));
return nDay;
}
}

以下为until.upload包：

SmartFile.java

package util.upload;
import java.io.ByteArrayInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.servlet.ServletException;

public class SmartFile
{
private SmartUpload m_parent;
private int m_startData;
private int m_endData;
private int m_size;
private String m_fieldname;
private String m_filename;
private String m_fileExt;
private String m_filePathName;
private String m_contentType;
private String m_contentDisp;
private String m_typeMime;
private String m_subTypeMime;
//private String m_contentString;
private boolean m_isMissing;
public static final int SAVEAS_AUTO = 0;
public static final int SAVEAS_VIRTUAL = 1;
public static final int SAVEAS_PHYSICAL = 2;

SmartFile()
{
m_startData = 0;
m_endData = 0;
m_size = 0;
m_fieldname = "";//new String("");
m_filename = "";//new String();
m_fileExt = "";//new String();
m_filePathName = "";//new String("");
m_contentType = "";//new String();
m_contentDisp = "";//new String();
m_typeMime = "";//new String();
m_subTypeMime = "";//new String();
//m_contentString = "";//new String();
m_isMissing = true;
}

public void saveAs(String s) throws IOException,SmartUploadException
{
saveAs(s,0);
}

public void saveAs(String s,int i) throws IOException,SmartUploadException
{
//Method invokes dubious new String() constructor; just use ""
//Creating a new java.lang.String object using the no-argument constructor wastes memory because the object so created will be functionally indistinguishable from the empty string constant "".u00A0 Java guarantees that identical string constants will be represented by the same String object.u00A0 Therefore, you should just use the empty string constant directly.
//String s1 = new String();
String s1 = "";
s1 = m_parent.getPhysicalPath(s,i);
if(s1 == null)
{
throw new IllegalArgumentException("There is no specified destination file (1140).");
}
try
{
java.io.File file = new java.io.File(s1);
FileOutputStream fileoutputstream = new FileOutputStream(file);
fileoutputstream.write(m_parent.m_binArray,m_startData,m_size);
fileoutputstream.close();
}
catch(IOException ioexception)
{
throw new SmartUploadException("File can't be saved (1120).");
}
}

public void fileToField(ResultSet resultset,String s) throws ServletException,IOException,SmartUploadException,SQLException
{
long l = 0L;
int i = 0x10000;
int j = 0;
int k = m_startData;
if(resultset == null)
{
throw new IllegalArgumentException("The RecordSet cannot be null (1145).");
}
if(s == null)
{
throw new IllegalArgumentException("The columnName cannot be null (1150).");
}
if(s.length() == 0)
{
throw new IllegalArgumentException("The columnName cannot be empty (1155).");
}
l = BigInteger.valueOf(m_size).divide(BigInteger.valueOf(i)).longValue();
j = BigInteger.valueOf(m_size).mod(BigInteger.valueOf(i)).intValue();
try
{
for(int i1 = 1;(long)i1 < l;i1++)
{
resultset.updateBinaryStream(s,new ByteArrayInputStream(m_parent.m_binArray,k,i),i);
k = k != 0 ? k : 1;
k = i1 * i + m_startData;
}

if(j > 0)
{
resultset.updateBinaryStream(s,new ByteArrayInputStream(m_parent.m_binArray,k,j),j);
}
}
catch(SQLException sqlexception)
{
byte abyte0[] = new byte[m_size];
System.arraycopy(m_parent.m_binArray,m_startData,abyte0,0,m_size);
resultset.updateBytes(s,abyte0);
}
catch(Exception exception)
{
throw new SmartUploadException("Unable to save file in the DataBase (1130).");
}
}

public boolean isMissing()
{
return m_isMissing;
}

public String getFieldName()
{
return m_fieldname;
}

public String getFileName()
{
return m_filename;
}

public String getFilePathName()
{
return m_filePathName;
}

public String getFileExt()
{
return m_fileExt;
}

public String getContentType()
{
return m_contentType;
}

public String getContentDisp()
{
return m_contentDisp;
}

public String getContentString()
{
String s = new String(m_parent.m_binArray,m_startData,m_size);
return s;
}

public String getTypeMIME() throws IOException
{
return m_typeMime;
}

public String getSubTypeMIME()
{
return m_subTypeMime;
}

public int getSize()
{
return m_size;
}

protected int getStartData()
{
return m_startData;
}

protected int getEndData()
{
return m_endData;
}

protected void setParent(SmartUpload smartupload)
{
m_parent = smartupload;
}

protected void setStartData(int i)
{
m_startData = i;
}

protected void setEndData(int i)
{
m_endData = i;
}

protected void setSize(int i)
{
m_size = i;
}

protected void setIsMissing(boolean flag)
{
m_isMissing = flag;
}

protected void setFieldName(String s)
{
m_fieldname = s;
}

protected void setFileName(String s)
{
m_filename = s;
}

protected void setFilePathName(String s)
{
m_filePathName = s;
}

protected void setFileExt(String s)
{
m_fileExt = s;
}

protected void setContentType(String s)
{
m_contentType = s;
}

protected void setContentDisp(String s)
{
m_contentDisp = s;
}

protected void setTypeMIME(String s)
{
m_typeMime = s;
}

protected void setSubTypeMIME(String s)
{
m_subTypeMime = s;
}

public byte getBinaryData(int i)
{
if(m_startData + i > m_endData)
{
throw new ArrayIndexOutOfBoundsException("Index Out of range (1115).");
}
if(m_startData + i <= m_endData)
{
return m_parent.m_binArray[m_startData + i];
}
else
{
return 0;
}
}
}

SmartFiles.java

package util.upload;
import java.io.IOException;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Hashtable;

public class SmartFiles
{
//private SmartUpload m_parent;
private Hashtable m_files;
private int m_counter;

SmartFiles()
{
m_files = new Hashtable();
m_counter = 0;
}

protected void addFile(SmartFile file)
{
if(file == null)
{
throw new IllegalArgumentException("newFile cannot be null.");
}
else
{
m_files.put(new Integer(m_counter),file);
m_counter++;
return;
}
}

public SmartFile getFile(int i)
{
if(i < 0)
{
throw new IllegalArgumentException("File's index cannot be a negative value (1210).");
}
SmartFile file = (SmartFile)m_files.get(new Integer(i));
if(file == null)
{
throw new IllegalArgumentException("Files' name is invalid or does not exist (1205).");
}
else
{
return file;
}
}

public int getCount()
{
return m_counter;
}

public long getSize() throws IOException
{
long l = 0L;
for(int i = 0;i < m_counter;i++)
{
l += getFile(i).getSize();
}
return l;
}

public Collection getCollection()
{
return m_files.values();
}

public Enumeration getEnumeration()
{
return m_files.elements();
}
}

SmartRequest.java

package util.upload;
import java.util.Enumeration;
import java.util.Hashtable;

public class SmartRequest
{
private Hashtable m_parameters;
private int m_counter;

SmartRequest()
{
m_parameters = new Hashtable();
m_counter = 0;
}

protected void putParameter(String s,String s1)
{
if(s == null)
{
throw new IllegalArgumentException("The name of an element cannot be null.");
}
if(m_parameters.containsKey(s))
{
Hashtable hashtable = (Hashtable)m_parameters.get(s);
hashtable.put(new Integer(hashtable.size()),s1);
}
else
{
Hashtable hashtable1 = new Hashtable();
hashtable1.put(new Integer(0),s1);
m_parameters.put(s,hashtable1);
m_counter++;
}
}

public String getParameter(String s)
{
if(s == null)
{
throw new IllegalArgumentException("Form's name is invalid or does not exist (1305).");
}
Hashtable hashtable = (Hashtable)m_parameters.get(s);
if(hashtable == null)
{
return null;
}
else
{
return(String)hashtable.get(new Integer(0));
}
}

public Enumeration getParameterNames()
{
return m_parameters.keys();
}

public String[] getParameterValues(String s)
{
if(s == null)
{
throw new IllegalArgumentException("Form's name is invalid or does not exist (1305).");
}
Hashtable hashtable = (Hashtable)m_parameters.get(s);
if(hashtable == null)
{
return null;
}
String as[] = new String[hashtable.size()];
for(int i = 0;i < hashtable.size();i++)
{
as[i] = (String)hashtable.get(new Integer(i));
}
return as;
}
}

SmartUpload.java

package util.upload;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Vector;

import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.jsp.JspWriter;
import javax.servlet.jsp.PageContext;

public class SmartUpload
{
protected byte m_binArray[];
protected HttpServletRequest m_request;
protected HttpServletResponse m_response;
protected ServletContext m_application;
private int m_totalBytes;
private int m_currentIndex;
private int m_startData;
private int m_endData;
private String m_boundary;
private long m_totalMaxFileSize;
private long m_maxFileSize;
private Vector m_deniedFilesList;
private Vector m_allowedFilesList;
private boolean m_denyPhysicalPath;

//private boolean m_forcePhysicalPath;
private String m_contentDisposition;
public static final int SAVE_AUTO = 0;
public static final int SAVE_VIRTUAL = 1;
public static final int SAVE_PHYSICAL = 2;
private SmartFiles m_files;
private SmartRequest m_formRequest;

public SmartUpload()
{
m_totalBytes = 0;
m_currentIndex = 0;
m_startData = 0;
m_endData = 0;
m_boundary = ""; //new String();
m_totalMaxFileSize = 0L;
m_maxFileSize = 0L;
m_deniedFilesList = new Vector();
m_allowedFilesList = new Vector();
m_denyPhysicalPath = false;
//m_forcePhysicalPath = false;
m_contentDisposition = ""; //new String();
m_files = new SmartFiles();
m_formRequest = new SmartRequest();
}

/**
* @deprecated Method init is deprecated
*/
public final void init(ServletConfig servletconfig) throws ServletException
{
m_application = servletconfig.getServletContext();
}

/**
* @deprecated Method service is deprecated
*/
public void service(HttpServletRequest httpservletrequest,HttpServletResponse httpservletresponse) throws ServletException,IOException
{
m_request = httpservletrequest;
m_response = httpservletresponse;
}

public final void initialize(ServletConfig servletconfig,HttpServletRequest httpservletrequest,HttpServletResponse httpservletresponse) throws ServletException
{
m_application = servletconfig.getServletContext();
m_request = httpservletrequest;
m_response = httpservletresponse;
}

public final void initialize(PageContext pagecontext) throws ServletException
{
m_application = pagecontext.getServletContext();
m_request = (HttpServletRequest)pagecontext.getRequest();
m_response = (HttpServletResponse)pagecontext.getResponse();
}

/**
* @deprecated Method initialize is deprecated
*/
public final void initialize(ServletContext servletcontext,HttpSession httpsession,HttpServletRequest httpservletrequest,HttpServletResponse httpservletresponse,JspWriter jspwriter) throws ServletException
{
m_application = servletcontext;
m_request = httpservletrequest;
m_response = httpservletresponse;
}

public void upload() throws ServletException,IOException,SmartUploadException
{
int i = 0;
//boolean flag = false;
boolean flag1 = false;
//boolean flag2 = false;
long l = 0L;
//String s = "";//new String();
//String s2 = "";//new String();
String s4 = ""; //new String();
String s5 = ""; //new String();
String s6 = ""; //new String();
String s7 = ""; //new String();
String s8 = ""; //new String();
String s9 = ""; //new String();
String s10 = ""; //new String();
m_totalBytes = m_request.getContentLength();
m_binArray = new byte[m_totalBytes];
int j;
for(;i < m_totalBytes;i += j)
{
try
{
m_request.getInputStream();
j = m_request.getInputStream().read(m_binArray,i,m_totalBytes - i);
}
catch(Exception exception)
{
throw new SmartUploadException("Unable to upload.");
}
}

for(;!flag1 && m_currentIndex < m_totalBytes;m_currentIndex++)
{
if(m_binArray[m_currentIndex] == 13)
{
flag1 = true;
}
else
{
m_boundary = m_boundary + (char)m_binArray[m_currentIndex];

}
}
if(m_currentIndex == 1)
{
return;
}
for(m_currentIndex++;m_currentIndex < m_totalBytes;m_currentIndex = m_currentIndex + 2)
{
//long now=new java.util.Date().getTime();
String s1 = getDataHeader();
m_currentIndex = m_currentIndex + 2;
boolean flag3 = s1.indexOf("filename") > 0;
String s3 = getDataFieldValue(s1,"name");
if(flag3)
{
s6 = getDataFieldValue(s1,"filename");
s4 = getFileName(s6);
s5 = getFileExt(s4);
s7 = getContentType(s1);
s8 = getContentDisp(s1);
s9 = getTypeMIME(s7);
s10 = getSubTypeMIME(s7);
}
getDataSection();
if(flag3 && s4.length() > 0)
{
if(m_deniedFilesList.contains(s5))
{
throw new SecurityException("The extension of the file is denied to be uploaded (1015).");
}
if(!m_allowedFilesList.isEmpty() && !m_allowedFilesList.contains(s5))
{
throw new SecurityException("The extension of the file is not allowed to be uploaded (1010).");
}
if(m_maxFileSize > 0L && (long)((m_endData - m_startData) + 1) > m_maxFileSize)
{
throw new SecurityException("Size exceeded for this file : " + s4 + " (1105).");
}
l += (m_endData - m_startData) + 1;
if(m_totalMaxFileSize > 0L && l > m_totalMaxFileSize)
{
throw new SecurityException("Total File Size exceeded (1110).");
}
}
if(flag3)
{
SmartFile file = new SmartFile();
file.setParent(this);
file.setFieldName(s3);
file.setFileName(s4);
file.setFileExt(s5);
file.setFilePathName(s6);
file.setIsMissing(s6.length() == 0);
file.setContentType(s7);
file.setContentDisp(s8);
file.setTypeMIME(s9);
file.setSubTypeMIME(s10);
if(s7.indexOf("application/x-macbinary") > 0)
{
m_startData = m_startData + 128;
}
file.setSize((m_endData - m_startData) + 1);
file.setStartData(m_startData);
file.setEndData(m_endData);
m_files.addFile(file);
}
else
{
String s11 = new String(m_binArray,m_startData,(m_endData - m_startData) + 1);
m_formRequest.putParameter(s3,s11);
}
if((char)m_binArray[m_currentIndex + 1] == '-')
{
break;
}
}
}

public int save(String s) throws ServletException,IOException,SmartUploadException
{
return save(s,0);
}

public int save(String s,int i) throws ServletException,IOException,SmartUploadException
{
int j = 0;
if(s == null)
{
s = m_application.getRealPath("/");
//System.out.println("s == null,m_application.getRealPath:" + s);
}
if(s.indexOf("/") != -1)
{
if(s.charAt(s.length() - 1) != '/')
{
s = s + "/";
//System.out.println("m_application.getRealPath::" + s);
}
}
else
{
if(s.charAt(s.length() - 1) != '\')
{
s = s + "\";
//System.out.println("m_application.getRealPath" + s);
}
}
//System.out.println("m_application.getRealPath:::" + s);
FileNames = new String[m_files.getCount()];
for(int k = 0;k < m_files.getCount();k++)
{
if(!m_files.getFile(k).isMissing())
{
// System.out.println("s + m_files.getFile(k).getFileName():" + s + m_files.getFile(k).getFileName());
m_files.getFile(k).saveAs(s + m_files.getFile(k).getFileName(),i);
FileNames[j] = s + m_files.getFile(k).getFileName();
j++;
}
}
return j;
}

//Add
private String[] FileNames;
public String[] getFileNames()
{
//Method may expose internal representation by returning array
//Returning an array value stored in one of the object's fields exposes the internal representation of the object.? For classes shared by other untrusted classes, this could potentially be a security issue.? Returning a new copy of the array is better approach in many situations.
String[] vFileNames = new String[FileNames.length];
System.arraycopy(FileNames,0,vFileNames,0,FileNames.length);
return vFileNames;
}

public int getSize()
{
return m_totalBytes;
}

public byte getBinaryData(int i)
{
byte byte0;
try
{
byte0 = m_binArray[i];
}
catch(Exception exception)
{
throw new ArrayIndexOutOfBoundsException("Index out of range (1005).");
}
return byte0;
}

public SmartFiles getFiles()
{
return m_files;
}

public SmartRequest getRequest()
{
return m_formRequest;
}

public void downloadFile(String s) throws ServletException,IOException,SmartUploadException
{
downloadFile(s,null,null);
}

public void downloadFile(String s,String s1) throws ServletException,IOException,SmartUploadException,SmartUploadException
{
downloadFile(s,s1,null);
}

public void downloadFile(String s,String s1,String s2) throws ServletException,IOException,SmartUploadException
{
downloadFile(s,s1,s2,65000);
}

public void downloadFile(String s,String s1,String s2,int i) throws ServletException,IOException,SmartUploadException
{
if(s == null)
{
throw new IllegalArgumentException("File '" + s + "' not found (1040).");
}
if(s.equals(""))
{
throw new IllegalArgumentException("File '" + s + "' not found (1040).");
}
if(!isVirtual(s) && m_denyPhysicalPath)
{
throw new SecurityException("Physical path is denied (1035).");
}
if(isVirtual(s))
{
s = m_application.getRealPath(s);
}
java.io.File file = new java.io.File(s);
FileInputStream fileinputstream = new FileInputStream(file);
long l = file.length();
//boolean flag = false;
int k = 0;
byte abyte0[] = new byte[i];
if(s1 == null)
{
m_response.setContentType("application/x-msdownload");
}
else
{
if(s1.length() == 0)
{
m_response.setContentType("application/x-msdownload");
}
else
{
m_response.setContentType(s1);
}
}
m_response.setContentLength((int)l);
m_contentDisposition = m_contentDisposition != null ? m_contentDisposition : "attachment;";
if(s2 == null)
{
m_response.setHeader("Content-Disposition",m_contentDisposition + " filename=" + getFileName(s));
}
else
{
if(s2.length() == 0)
{
m_response.setHeader("Content-Disposition",m_contentDisposition);
}
else
{
m_response.setHeader("Content-Disposition",m_contentDisposition + " filename=" + s2);
}
}
while((long)k < l)
{
int j = fileinputstream.read(abyte0,0,i);
k += j;
m_response.getOutputStream().write(abyte0,0,j);
}
fileinputstream.close();
}

public void downloadField(ResultSet resultset,String s,String s1,String s2) throws ServletException,IOException,SQLException
{
if(resultset == null)
{
throw new IllegalArgumentException("The RecordSet cannot be null (1045).");
}
if(s == null)
{
throw new IllegalArgumentException("The columnName cannot be null (1050).");
}
if(s.length() == 0)
{
throw new IllegalArgumentException("The columnName cannot be empty (1055).");
}
byte abyte0[] = resultset.getBytes(s);
if(s1 == null)
{
m_response.setContentType("application/x-msdownload");
}
else
{
if(s1.length() == 0)
{
m_response.setContentType("application/x-msdownload");
}
else
{
m_response.setContentType(s1);
}
}
m_response.setContentLength(abyte0.length);
if(s2 == null)
{
m_response.setHeader("Content-Disposition","attachment;");
}
else
{
if(s2.length() == 0)
{
m_response.setHeader("Content-Disposition","attachment;");
}
else
{
m_response.setHeader("Content-Disposition","attachment; filename=" + s2);
}
}
m_response.getOutputStream().write(abyte0,0,abyte0.length);
}

public void fieldToFile(ResultSet resultset,String s,String s1) throws ServletException,IOException,SmartUploadException,SQLException
{
try
{
if(m_application.getRealPath(s1) != null)
{
s1 = m_application.getRealPath(s1);
}
InputStream inputstream = resultset.getBinaryStream(s);
FileOutputStream fileoutputstream = new FileOutputStream(s1);
int i;
while((i = inputstream.read()) != -1)
{
fileoutputstream.write(i);
}
fileoutputstream.close();
}
catch(Exception exception)
{
throw new SmartUploadException("Unable to save file from the DataBase (1020).");
}
}

private String getDataFieldValue(String s,String s1)
{
String s2 = ""; // = new String();
String s3 = ""; // = new String();
int i = 0;
//boolean flag = false;
//boolean flag1 = false;
//boolean flag2 = false;
s2 = s1 + "=" + '"';
i = s.indexOf(s2);
if(i > 0)
{
int j = i + s2.length();
int k = j;
s2 = """;
int l = s.indexOf(s2,j);
if(k > 0 && l > 0)
{
s3 = s.substring(k,l);
}
}
return s3;
}

private String getFileExt(String s)
{
String s1; // = new String();
int i = 0;
int j = 0;
if(s == null)
{
return null;
}
i = s.lastIndexOf('.') + 1;
j = s.length();
s1 = s.substring(i,j);
if(s.lastIndexOf('.') > 0)
{
return s1;
}
else
{
return "";
}
}

private String getContentType(String s)
{
String s1 = ""; // = new String();
String s2 = ""; // = new String();
int i = 0;
//boolean flag = false;
s1 = "Content-Type:";
i = s.indexOf(s1) + s1.length();
if(i != -1)
{
int j = s.length();
s2 = s.substring(i,j);
}
return s2;
}

private String getTypeMIME(String s)
{
//String s1 = new String();
int i = 0;
i = s.indexOf("/");
if(i != -1)
{
return s.substring(1,i);
}
else
{
return s;
}
}

private String getSubTypeMIME(String s)
{
//String s1 = new String();
//boolean flag = false;
int i = 0;
i = s.indexOf("/") + 1;
if(i != -1)
{
int j = s.length();
return s.substring(i,j);
}
else
{
return s;
}
}

private String getContentDisp(String s)
{
//String s1 = new String();
String s1 = "";
int i = 0;
int j = 0;
i = s.indexOf(":") + 1;
j = s.indexOf(";");
s1 = s.substring(i,j);
return s1;
}

private void getDataSection()
{
//boolean flag = false;
//String s = "";
//String s = new String();
int i = m_currentIndex;
int j = 0;
int k = m_boundary.length();
m_startData = m_currentIndex;
m_endData = 0;
while(i < m_totalBytes)
{
if(m_binArray[i] == (byte)m_boundary.charAt(j))
{
if(j == k - 1)
{
m_endData = ((i - k) + 1) - 3;
break;
}
i++;
j++;
}
else
{
i++;
j = 0;
}
}
m_currentIndex = m_endData + k + 3;
}

private String getDataHeader()
{
//boolean flag = false;
int i = m_currentIndex;
int j = 0;
for(boolean flag1 = false;!flag1;)
{
if(m_binArray[m_currentIndex] == 13 && m_binArray[m_currentIndex + 2] == 13)
{
flag1 = true;
j = m_currentIndex - 1;
m_currentIndex = m_currentIndex + 2;
}
else
{
m_currentIndex++;
}
}

String s = new String(m_binArray,i,(j - i) + 1);
return s;
}

private String getFileName(String s)
{
//String s1 = ""; // = new String();
//String s2 = ""; // = new String();
//boolean flag = false;
//boolean flag1 = false;
//boolean flag2 = false;
int i = 0;
i = s.lastIndexOf('/');
if(i != -1)
{
return s.substring(i + 1,s.length());
}
i = s.lastIndexOf('\');
if(i != -1)
{
return s.substring(i + 1,s.length());
}
else
{
return s;
}
}

public void setDeniedFilesList(String s) throws ServletException,IOException,SQLException
{
//String s1 = "";
if(s != null)
{
String s2 = "";
for(int i = 0;i < s.length();i++)
{
if(s.charAt(i) == ',')
{
if(!m_deniedFilesList.contains(s2))
{
m_deniedFilesList.addElement(s2);
}
s2 = "";
}
else
{
s2 = s2 + s.charAt(i);
}
}

//if(s2 != "")
if(!s2.equals(""))
{
m_deniedFilesList.addElement(s2);
}
}
else
{
m_deniedFilesList = null;
}
}

public void setAllowedFilesList(String s)
{
//String s1 = "";
if(s != null)
{
String s2 = "";
for(int i = 0;i < s.length();i++)
{
if(s.charAt(i) == ',')
{
if(!m_allowedFilesList.contains(s2))
{
m_allowedFilesList.addElement(s2);
}
s2 = "";
}
else
{
s2 = s2 + s.charAt(i);
}
}
//if(s2 != "")
if(!s2.equals(""))
{
m_allowedFilesList.addElement(s2);
}
}
else
{
m_allowedFilesList = null;
}
}

public void setDenyPhysicalPath(boolean flag)
{
m_denyPhysicalPath = flag;
}

public void setForcePhysicalPath(boolean flag)
{
//m_forcePhysicalPath = flag;
}

public void setContentDisposition(String s)
{
m_contentDisposition = s;
}

public void setTotalMaxFileSize(long l)
{
m_totalMaxFileSize = l;
}

public void setMaxFileSize(long l)
{
m_maxFileSize = l;
}

protected String getPhysicalPath(String s,int i) throws IOException
{
String s1 = ""; //new String();
String s2 = ""; //new String();
String s3 = ""; //new String();
boolean flag = false;
s3 = System.getProperty("file.separator");
if(s == null)
{
throw new IllegalArgumentException("There is no specified destination file (1140).");
}
if(s.equals(""))
{
throw new IllegalArgumentException("There is no specified destination file (1140).");
}
if(s.lastIndexOf("\") >= 0)
{
s1 = s.substring(0,s.lastIndexOf("\"));
s2 = s.substring(s.lastIndexOf("\") + 1);
}
if(s.lastIndexOf("/") >= 0)
{
s1 = s.substring(0,s.lastIndexOf("/"));
s2 = s.substring(s.lastIndexOf("/") + 1);
}
s1 = s1.length() != 0 ? s1 : "/";
java.io.File file = new java.io.File(s1);
if(file.exists())
{
flag = true;
}
if(i == 0)
{
if(isVirtual(s1))
{
s1 = m_application.getRealPath(s1);
if(s1.endsWith(s3))
{
s1 = s1 + s2;
}
else
{
s1 = s1 + s3 + s2;
}
return s1;
}
if(flag)
{
if(m_denyPhysicalPath)
{
throw new IllegalArgumentException("Physical path is denied (1125).");
}
else
{
return s;
}
}
else
{
throw new IllegalArgumentException("This path does not exist (1135).");
}
}
if(i == 1)
{
if(isVirtual(s1))
{
s1 = m_application.getRealPath(s1);
if(s1.endsWith(s3))
{
s1 = s1 + s2;
}
else
{
s1 = s1 + s3 + s2;
}
return s1;
}
if(flag)
{
throw new IllegalArgumentException("The path is not a virtual path.");
}
else
{
throw new IllegalArgumentException("This path does not exist (1135).");
}
}
if(i == 2)
{
if(flag)
{
if(m_denyPhysicalPath)
{
throw new IllegalArgumentException("Physical path is denied (1125).");
}
else
{
return s;
}
}
if(isVirtual(s1))
{
throw new IllegalArgumentException("The path is not a physical path.");
}
else
{
throw new IllegalArgumentException("This path does not exist (1135).");
}
}
else
{
return null;
}
}

public void uploadInFile(String s) throws IOException,SmartUploadException
{
//boolean flag = false;
int i = 0;
int j = 0;
if(s == null)
{
throw new IllegalArgumentException("There is no specified destination file (1025).");
}
if(s.length() == 0)
{
throw new IllegalArgumentException("There is no specified destination file (1025).");
}
if(!isVirtual(s) && m_denyPhysicalPath)
{
throw new SecurityException("Physical path is denied (1035).");
}
i = m_request.getContentLength();
m_binArray = new byte[i];
int k;
for(;j < i;j += k)
{
try
{
k = m_request.getInputStream().read(m_binArray,j,i - j);
}
catch(Exception exception)
{
throw new SmartUploadException("Unable to upload.");
}
}

if(isVirtual(s))
{
s = m_application.getRealPath(s);
}
try
{
java.io.File file = new java.io.File(s);
FileOutputStream fileoutputstream = new FileOutputStream(file);
fileoutputstream.write(m_binArray);
fileoutputstream.close();
}
catch(Exception exception1)
{
throw new SmartUploadException("The Form cannot be saved in the specified file (1030).");
}
}

private boolean isVirtual(String s)
{
if(m_application.getRealPath(s) != null)
{
java.io.File file = new java.io.File(m_application.getRealPath(s));
return file.exists();
}
else
{
return false;
}
}
}

SmartUploadException.java

package util.upload;
public class SmartUploadException extends Exception
{
SmartUploadException(String s)
{
super(s);
}
}