//用于存放上传文件的目录 private String uploadPath = ""; // 用于存放临时文件的目录 private File tempPath = new File("D:\\addnetFile\\tmp\\"); public void destroy() { super.destroy(); // Just puts "destroy" string in log // Put your code here }
public void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { uploadPath = getServletConfig().getInitParameter("upload_path"); System.out.println("uploadPath=" + uploadPath); res.setContentType("text/html; charset=GB2312"); PrintWriter out = res.getWriter(); System.out.println(req.getContentLength()); System.out.println(req.getContentType()); DiskFileItemFactory factory = new DiskFileItemFactory(); // maximum size that will be stored in memory // 设置最多只允许在内存中存储的数据,单位:字节 factory.setSizeThreshold(4096); // the location for saving data that is larger than getSizeThreshold() factory.setRepository(tempPath); ServletFileUpload upload = new ServletFileUpload(factory); // maximum size before a FileUploadException will be thrown // 设置允许用户上传文件大小,单位:字节 upload.setSizeMax(1000000); // 物料代码 String itemNo = ""; try { List fileItems = upload.parseRequest(req); // assume we know there are two files. The first file is a small // text file, the second is unknown and is written to a file on // the server Iterator iter = fileItems.iterator(); // 正则匹配,过滤路径取文件名 // D:\\addnetFile\\item.jpg //String regExp = ".+\\\\(.+)$"; String regExp = "(.+\\.[\\w]+$)"; // 过滤掉的文件类型 String[] errorType = { ".exe", ".com", ".cgi", ".asp" }; Pattern p = Pattern.compile(regExp); while (iter.hasNext()) { FileItem item = (FileItem) iter.next(); // 正常的html文件域,例如:text,radio等 if (item.isFormField()) { if (item.getFieldName().equals("itemNo")) { itemNo = item.getString(); } } // 忽略其他不是文件域的所有表单信息 if (!(item.isFormField())) { String name = item.getName(); System.out.println(name); long size = item.getSize(); if ((name == null || name.equals("")) && size == 0) continue; Matcher m = p.matcher(name); boolean result = m.find(); if (result) { for (int temp = 0; temp < errorType.length; temp++) { if (m.group(1).endsWith(errorType[temp])) { throw new IOException(name + ": wrong type"); } } try { // 保存上传的文件到指定的目录 item.write(new File(uploadPath + itemNo + ".gif")); res.sendRedirect("../basedata/item_upload.jsp?itemNo=" + itemNo); //out.print(name + " " + size + "<br>"); } catch (Exception e) { out.println(e); } } else { throw new IOException("fail to upload"); } } } } catch (IOException e) { out.println(e); } catch (FileUploadException e) { out.println(e); } }
public class FileUpload extends HttpServlet {
//用于存放上传文件的目录
private String uploadPath = ""; // 用于存放临时文件的目录
private File tempPath = new File("D:\\addnetFile\\tmp\\"); public void destroy() {
super.destroy(); // Just puts "destroy" string in log
// Put your code here
}
public void doPost(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException {
uploadPath = getServletConfig().getInitParameter("upload_path");
System.out.println("uploadPath=" + uploadPath);
res.setContentType("text/html; charset=GB2312");
PrintWriter out = res.getWriter();
System.out.println(req.getContentLength());
System.out.println(req.getContentType());
DiskFileItemFactory factory = new DiskFileItemFactory();
// maximum size that will be stored in memory
// 设置最多只允许在内存中存储的数据,单位:字节
factory.setSizeThreshold(4096);
// the location for saving data that is larger than getSizeThreshold()
factory.setRepository(tempPath); ServletFileUpload upload = new ServletFileUpload(factory);
// maximum size before a FileUploadException will be thrown
// 设置允许用户上传文件大小,单位:字节
upload.setSizeMax(1000000);
// 物料代码
String itemNo = "";
try {
List fileItems = upload.parseRequest(req);
// assume we know there are two files. The first file is a small
// text file, the second is unknown and is written to a file on
// the server
Iterator iter = fileItems.iterator(); // 正则匹配,过滤路径取文件名
// D:\\addnetFile\\item.jpg
//String regExp = ".+\\\\(.+)$";
String regExp = "(.+\\.[\\w]+$)"; // 过滤掉的文件类型
String[] errorType = { ".exe", ".com", ".cgi", ".asp" };
Pattern p = Pattern.compile(regExp);
while (iter.hasNext()) {
FileItem item = (FileItem) iter.next();
// 正常的html文件域,例如:text,radio等
if (item.isFormField()) {
if (item.getFieldName().equals("itemNo")) {
itemNo = item.getString();
}
}
// 忽略其他不是文件域的所有表单信息
if (!(item.isFormField())) {
String name = item.getName();
System.out.println(name);
long size = item.getSize();
if ((name == null || name.equals("")) && size == 0)
continue;
Matcher m = p.matcher(name);
boolean result = m.find();
if (result) {
for (int temp = 0; temp < errorType.length; temp++) {
if (m.group(1).endsWith(errorType[temp])) {
throw new IOException(name + ": wrong type");
}
}
try {
// 保存上传的文件到指定的目录
item.write(new File(uploadPath + itemNo + ".gif"));
res.sendRedirect("../basedata/item_upload.jsp?itemNo=" + itemNo);
//out.print(name + " " + size + "<br>");
} catch (Exception e) {
out.println(e);
} } else {
throw new IOException("fail to upload");
}
}
}
} catch (IOException e) {
out.println(e);
} catch (FileUploadException e) {
out.println(e);
}
}