Tag Archives: struts2

Struts2 is cracked, a serious loophole, a perfect solution

Struts234987;”29190;” 20005;”28431;” 27934;29616;”20915;” 26696;”22914520146;”27979″

21319;- 32423;- 21040;- struts-2.3.15.1d21363;- 209151;

1

struts2-core-2.0.14.jar

2

struts2-core-2.3.15.1.jar GA.jar Common-lang3-3.1.jar

226863;”liblibliblib”36733;”

http://mirror.bit.edu.cn/apache//struts/binaries/struts-2.3.15.1-all.zip

3-20462;- 259130; web.xml

<filter>

<filter-name>struts2</filter-name>

<filter-class> org.apache.struts2 Yeah. dispatcher.FilterDispatcher

</filter-class>

</filter>

<filter-mapping>

<filter-name>struts2</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

259130;”

<filter>

<filter-name>struts2</filter-name>

<filter-class> org.apache.struts2 Yeah. dispatcher.ng.filter StrutsPrepareAndExecuteFilter

</filter-class>

</filter>

<filter-mapping>

<filter-name>struts2</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

23436;”209151;

http://struts.apache.org/release/2.3.x/docs/s2-016.html

http://struts.apache.org/release/2.3.x/docs/s2-017.html

http://struts.apache.org/release/2.3.x/docs/version-notes-23151.html

Using common file upload to upload files in SSH project

Today, the project used to upload. What I store in my database is the URL of the file, so I have to do some processing in the background. I have written several times before uploading, and I feel that the amount of code is too large. Today, I searched the Internet, and it will be much easier to upload with common file upload. After groping for an afternoon, I finally got it done. The background code is as follows

//The uploaded file
private File upload;
//file name and type
private String uploadContentType;
private String uploadFileName;
/*This is the variable to be written in the action, you must write it, otherwise it will be very troublesome, Struts2 will automatically assign the file to be uploaded, the file name, type, etc.*/

/// The following is the processing method
public String uploadStaffImage() throws Exception{
	//Take the file name and path, rename the file name with uuid to prevent Chinese mess
	String fileName = UUID.randomUUID().toString();
        //intercept file type
        String fileType = this.uploadFileName.substring(this.uploadFileName.lastIndexOf("."), this.uploadFileName.length());
        //New file name
        String file = fileName + fileType;
        // My directory is under "StaffImg" folder
        String path = request.getSession().getServletContext().getRealPath("/StaffImg");
	InputStream is = new FileInputStream(getUpload());  
        //Create an output stream to generate a new file  
        OutputStream os = new FileOutputStream(path + "//" + file);  
        //write disk 
        IOUtils.copy(is, os);
        os.flush();  
        IOUtils.closeQuietly(is);
        IOUtils.closeQuietly(os);
        //Update the URL in the database
        String imgURL = "StaffImg/"+file;
        this.staffFileUpLoadService.updataStaffImgURL(this.staffId, imgURL);
	return SUCCESS;
}

A total of 13 lines of code, compared to the previous written to be a lot more concise, method use is relatively simple.

This method can only upload a single file. If you upload in batches, the idea is the same, and you should add a loop in the outer layer
instead

Three ways to get form data in struct2

1. Use ActionContext class 

//1获取ActionContext对象
        ActionContext context = ActionContext.getContext();
        //2.调用方法获取key-value值
        Map<String, Object> map = context.getParameters();
        Set<String> set = map.keySet();
        for(String key :set){
            Object[] o = (Object[]) map.get(key);
            System.out.println(Arrays.toString(o));
        }

. Use ServletActionContext 

 //使用ServletActionContext对象获取request对象
        HttpServletRequest request = ServletActionContext.getRequest();
        //2.使用request对象获取表单数据
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String address = request.getParameter("address");
        System.out.println("username="+username);
        System.out.println("password"+password);
        System.out.println("address"+address);

3. Implement ServletRequestAware interface 

public class FormDemo3Action extends ActionSupport implements ServletRequestAware {
    HttpServletRequest httpServletRequest;
    @Override
    public void setServletRequest(HttpServletRequest httpServletRequest) {
        this.httpServletRequest=httpServletRequest;
    }
    @Override
    public String execute(){
        String username = httpServletRequest.getParameter("username");
        String password = httpServletRequest.getParameter("password");
        System.out.println("username="+username);
        System.out.println("password="+password);

        return NONE;
    }
}