<%@page import="com.hanweb.jcms.constant.Tables"%> <%@page import="com.hanweb.common.util.DateUtil"%> <%@page import="com.hanweb.common.util.NumberUtil"%> <%@page import="com.hanweb.common.util.SpringUtil"%> <%@page import="com.hanweb.common.util.StringUtil"%> <%@page import="com.hanweb.common.util.file.IFileUtil"%> <%@page import="com.hanweb.common.util.ip.IpUtil"%> <%@page import="com.hanweb.common.util.mvc.Script"%> <%@page import="com.hanweb.jcms.entity.Jcms_AttachEntity"%> <%@page import="com.hanweb.jcms.entity.Jcms_CataloginfoEntity"%> <%@page import="com.hanweb.jcms.plugins.download.service.DownloadBLF"%> <%@page import="com.hanweb.jcms.service.column.Jcms_CataloginfoBLF"%> <%@page import="com.hanweb.jcms.service.filemanager.Jcms_AttachBLF"%> <%@page import="com.hanweb.jcms.service.website.Jcms_WebinfomationBLF"%> <%@page import="com.hanweb.jcms.sys.service.SysInfo"%> <%@page import="com.hanweb.jcms.util.SafeUtil"%> <%@page import="com.hanweb.jcms.util.io.DownFile"%> <%@page import="org.apache.commons.logging.Log"%> <%@page import="org.apache.commons.logging.LogFactory"%> <%@ page import="com.hanweb.jcms.util.AccessUtil" %> <%@page contentType="text/html;charset=UTF-8"%> <%@include file="./config.jsp"%><% if(!AccessUtil.checkAccess(request)){ //阻止跨站点请求伪造 Script script = Script.getInstanceOnly(); out.print(script.addScript("location.href='../../';").getScript()); return; } int nArtID = NumberUtil.getInt(request.getParameter("i_ID")); int nColumnID = NumberUtil.getInt(request.getParameter("colID")); String strField = SafeUtil.getSafeString(request.getParameter("field")); if(StringUtil.contains(strField, "-")){ strField = strField.replace("-", ""); } Log logger = LogFactory.getLog(getClass()); if( nColumnID <= 0 ){ logger.debug("down module : no columnid"); return; } if( nArtID <= 0 ){ logger.debug("down module : no article id "); return; } IFileUtil fileUtil = (IFileUtil )SpringUtil.getBean("FileUtil"); SysInfo sys = new SysInfo(); sys.initSysPara(request); /*定义对象*/ Jcms_CataloginfoBLF blf = Jcms_CataloginfoBLF.getInstance().init(strAppID,NumberUtil.getInt(strWebID)); Jcms_CataloginfoEntity entity = blf.getEntity( nColumnID ); if( entity == null ){ logger.debug("down module : no column entity "); return; } String strTableName = Tables.INFO+"_"+strWebID; if( entity.getI_style() == 3 ) strTableName = entity.getVc_tablename() ; DownloadBLF downblf = SpringUtil.getBean(DownloadBLF.class); String[][] strData = DownloadBLF.getDown( strTableName,strField,entity.getI_style(),nArtID, strWebID ); if( strData == null || strData.length == 0 ){ logger.debug("down module : no attach !"); return; } String strAttachPath = StringUtil.getStringTrim( strData[0][1] ); if(StringUtil.isEmpty(strAttachPath)){ logger.error("下载附件不存在"); return; } strAttachPath = strAttachPath.replaceAll("\\\\","/"); //要下载的原文件 String strFile = ""; int nPost = strAttachPath.indexOf("/jcms_files", 1); if (nPost == -1) { Script script = Script.getInstanceOnly(); if(strAttachPath.length() > 0){ strAttachPath = strAttachPath.replaceAll("\\\\","/"); strAttachPath = strAttachPath.replaceAll("\\.\\./", ""); strAttachPath = strAttachPath.replaceAll("\\./", ""); Jcms_WebinfomationBLF webinfomationBLF = Jcms_WebinfomationBLF.getInstance(); String domains = webinfomationBLF.findDomainFromWebInfo(NumberUtil.getInt(strWebID)); String strAttachUrl = (domains + "/" +strAttachPath ); strAttachUrl = strAttachUrl.replaceAll("//","/"); strAttachUrl = strAttachUrl.replaceAll("\r", ""); strAttachUrl = strAttachUrl.replaceAll("\n", ""); strAttachUrl = strAttachUrl.replaceAll("\n\r", ""); out.println(script.addScript("window.open('http://"+strAttachUrl+"')").getScript()); return; } } strFile = strAttachPath.substring(nPost); strFile = StringUtil.replace( strFile,"//","/"); strFile = fileUtil.getAbsolutePath(strFile); //要下载的文件名 if (!fileUtil.exists(strFile)){ logger.error("下载附件不存在"); return; } /*判断文件大小，文件大于3M的话，调用IE的下载，<3M则通过流下载*/ String strName = ""; if(!strFile.endsWith("/")){ strName = strFile.substring(strFile.lastIndexOf("/") + 1); } String downloadname = strName; String dbfilepath = ""; String filenamedisplay = ""; if(strAttachPath.lastIndexOf("attach") >= 0 && strAttachPath.lastIndexOf(".") >= 0){ dbfilepath = strAttachPath.substring(strAttachPath.lastIndexOf("attach") + 6); } String filedownload = "/jcms_files/jcms" + strAppID + "/web" + strWebID + "/site/attach/" + dbfilepath; Jcms_AttachBLF attachBlf = Jcms_AttachBLF.getInstance().init(strAppID,NumberUtil.getInt(strWebID)); Jcms_AttachEntity attachEn = attachBlf.findFileName(downloadname); if(attachEn!=null){ filenamedisplay = attachEn.getVc_name(); }else{ filenamedisplay = downloadname; } String userAgent = request.getHeader("USER-AGENT"); if(userAgent.lastIndexOf("Safari") > -1 && userAgent.lastIndexOf("Chrome") == -1) { filenamedisplay = new String(filenamedisplay.getBytes("UTF-8"), "8859_1"); } else{ filenamedisplay = new String(filenamedisplay.getBytes("GBK"), "8859_1"); } String fileType = ""; if(strName.lastIndexOf(".") >= 0 && strName.lastIndexOf(".") < strName.length() - 1 ){ fileType = strName.substring(strName.lastIndexOf(".") + 1); } if(!"pdf".equals(fileType)){ response.setContentType("application/octet-stream");//设置为下载application/octet-stream response.addHeader("Content-Disposition","attachment;filename=" + filenamedisplay); } else{ response.addHeader("Content-Disposition","filename=" + filenamedisplay); response.setContentType("application/pdf;charset=UTF-8"); } try{ out.clear(); out=pageContext.pushBody(); }catch(Throwable e){ } try { pageContext.getOut().clear(); Script script = Script.getInstanceOnly(); if(!"pdf".equals(fileType)){ if(!DownFile.getFile(strFile,downloadname,response,"UTF-8",request, false)){ out.println(script.addScript("alert('下载失败，文件可能不存在！');").getScript()); }else{ downblf.addDownloadRecord(downloadname, DateUtil.getCurrDateTime(), request.getContextPath(), request.getHeader("user-agent"), IpUtil.getIp(), NumberUtil.getInt(strWebID)); } } else{ RequestDispatcher dis = application.getRequestDispatcher(filedownload); if(dis!= null){ dis.forward(request,response); downblf.addDownloadRecord(downloadname, DateUtil.getCurrDateTime(), request.getContextPath(), request.getHeader("user-agent"), IpUtil.getIp(), NumberUtil.getInt(strWebID)); }else{ out.println(script.addScript("alert('下载失败，文件可能不存在！');").getScript()); } } } catch(Exception e){ } finally{ response.flushBuffer(); } %>