Toolbox:
| <% if (login == null) out.println("Login..."); %> |
| <% if (login != null) out.println("Upload file..."); %> |
| NO_OP... |
| <% if (login != null) out.println("Logout..."); %> |
QMS-Standards/WebGDT/Main
<%
/*
* Diagnostics
*/
out.println("");
out.println("Diagnostics:
");
out.println("# hello world");
out.println("# query string = |" + qs + "|");
out.println("# login = |" + login + "|");
out.println("# userFileStorage = |" + userFileStorage + "|");
if (sz.isNew())
out.println("# session is new");
else
out.println("# session is old");
if (isMultipart)
out.println("# request is isMultipart");
else
out.println("# request not isMultipart");
out.println("");
/*
* Main
*/
out.println("
");
out.println("Action
");
/*
* Dispatcher...
*/
switch (disp)
{
case REDIRECT_LOGIN:
userFileStorage = null;
sz.invalidate();
response.sendRedirect(request.getRequestURI()+"?login");
break;
case LOGIN:
out.println("#### login\n");
String rloginname = request.getParameter("loginname");
/*
* Verify login names
* - make sure we do not allow empty strings
* - for now we only allow ASCII alphanumeric
* names without spaces here
* - Make sure that login names do not contain '.' or '/'
* characters to prevent path-based attacks
*/
if (rloginname != null &&
!rloginname.isEmpty() &&
rloginname.matches("\\p{Alnum}+"))
{
login = rloginname;
userFileStorage = new File(fileStorageBase, login);
sz.setAttribute("loginname", rloginname);
out.println("logged in as + |" + rloginname + "|");
userFileStorage.mkdirs(); // fixme: test permissions and failure
}
else
{
/* Clicking on "login" should automagically invalidate current user */
userFileStorage = null;
login = null;
sz.invalidate();
out.println("");
}
break;
case LOGOUT:
out.println("#### logout" + login + "\n");
userFileStorage = null;
login = null;
sz.invalidate();
response.sendRedirect(request.getRequestURI()+"?login");
break;
case UPLOAD:
out.println("#### upload\n");
if (isMultipart)
{
DiskFileItemFactory fileItemFactory = new DiskFileItemFactory();
ServletFileUpload fileUpload = new ServletFileUpload(fileItemFactory);
fileUpload.setHeaderEncoding("utf-8");
try
{
for(FileItem item:(List"+item.getString("ASCII")+"
");
// }
//}
/*
* files are stored in per-file subdirs so we can
* store context data there, too
*/
File fn = new File(userFileStorage, fileName);
fn.mkdir(); // fixme: test error
File fnd = new File(fn, "filedata");
item.write(fnd);
}
}
}
catch (Exception e)
{
}
}
else
{
out.println("");
}
break;
case CERTIFY_GDT:
String fileName = qs.substring(12);
out.println("#### Accessing file: |" + fileName + "|");
File fn = new File(userFileStorage, fileName);
File fnd = new File(fn, "filedata");
if (fnd.exists())
{
out.println("#### file |" + fnd.toString() + "| exists");
String validatorOutput = runValidator(fnd);
/* fixme: file2string() test code... */
//out.println("| " + file2string(fnd) + " |
" + validatorOutput + " |
SUCCESS: QMS/GDT gdt30pruefung.jar returned a zero exit code. Test succeeded."); } else { out.println("
FAILURE: QMS/GDT gdt30pruefung.jar returned a non-zero exit code. Test failed."); } } else { out.println("#### file |" + fnd.toString() + "| does not exist"); } break; case NOP: out.println("#### no_op\n"); break; } /* * Display user data and status: */ if (userFileStorage != null) { File filelist[] = userFileStorage.listFiles(); int numFiles = 0; out.println("
"); out.println("
Files:
"); out.println("| Filename | "+"Tested | "+"Test status | "+"CERT Paid | "); out.println("
|---|---|---|---|
" + f.getName() + ""); /* file attributes */ out.println(""); out.println("filename=" + f.toString() + " "); out.println("attribute1" + " "); out.println("attribute2" + " "); out.println(""); out.println(" | ");
out.println(""); out.println(" | - | "); out.println("NO | "); out.println("
No files found.
Do you wish to upload a file ?
"); } %>