javaxt-project
diff --git a/‎src/javaxt/portal/Content.java
Lines changed: 143 additions & 231 deletions b/‎src/javaxt/portal/Content.java
Lines changed: 143 additions & 231 deletions
diff --git a/‎src/javaxt/portal/Documentation.java
Lines changed: 5 additions & 4 deletions b/‎src/javaxt/portal/Documentation.java
Lines changed: 5 additions & 4 deletions
diff --git a/‎src/javaxt/portal/Download.java
Lines changed: 0 additions & 205 deletions b/‎src/javaxt/portal/Download.java
Lines changed: 0 additions & 205 deletions
diff --git a/‎src/javaxt/portal/File.java
Lines changed: 101 additions & 0 deletions b/‎src/javaxt/portal/File.java
Lines changed: 101 additions & 0 deletions
@@ -1,5 +1,6 @@
 package javaxt.portal;
 import java.util.zip.*;
+import javaxt.http.servlet.*;
 
 //******************************************************************************
 //**  Documentation Class
@@ -11,7 +12,7 @@
 
 public class Documentation {
 
-    private javax.servlet.http.HttpServletRequest request;
+    private HttpServletRequest request;
     private String jar;
     private com.jeldoclet.Parser parser;
 
@@ -46,7 +47,7 @@ public class Documentation {
    *  @param dir Path to the jar directory
    *  @param request HttpServletRequest
    */
-    public Documentation(String jar, javaxt.io.Directory dir, javax.servlet.http.HttpServletRequest request) {
+    public Documentation(String jar, javaxt.io.Directory dir, HttpServletRequest request) {
 
         if (jar.toLowerCase().endsWith(".jar") || jar.toLowerCase().endsWith(".zip")){
             jar = jar.substring(0, jar.lastIndexOf("."));
@@ -78,7 +79,7 @@ public String getIndex(String title) throws Exception {
         }
         if (showIndex){
 
-            String path = new javaxt.utils.URL(request.getRequestURL().toString()).getPath();
+            String path = request.getURL().getPath();
 
             if (title==null) str.append("<h1>JavaDocs</h1>");
             else str.append("<h1>" + title + "</h1>");
@@ -359,7 +360,7 @@ public static String mergeTrees(java.util.List<String> trees){
    */
     private com.jeldoclet.Parser getJELParser(javaxt.io.File javadoc){
 
-        javax.servlet.ServletContext application = request.getSession().getServletContext();
+        ServletContext application = request.getSession().getServletContext();
         com.jeldoclet.Parser parser = (com.jeldoclet.Parser) application.getAttribute(jar);
         java.util.Date lastUpdate = (java.util.Date) application.getAttribute(jar + "-timestamp");
         if (parser==null || lastUpdate==null || javadoc.getDate().after(lastUpdate)){
 
@@ -0,0 +1,101 @@
+package javaxt.portal;
+import javaxt.http.servlet.HttpServletRequest;
+import javaxt.http.servlet.HttpServletResponse;
+import javaxt.http.servlet.ServletException;
+
+//******************************************************************************
+//**  File Class
+//******************************************************************************
+/**
+ *   Used to represent a file found on the web server. 
+ *
+ ******************************************************************************/
+
+public class File {
+
+    private javaxt.io.File file;
+
+  //**************************************************************************
+  //** Constructor
+  //**************************************************************************
+
+    public File(HttpServletRequest request, javaxt.io.Directory share, String Path)
+    throws ServletException {
+
+        
+      //Get requested file from the querystring
+        String filename = null;
+        java.util.Enumeration<String> it = request.getParameterNames();
+        while (it.hasMoreElements()){
+            String key = it.nextElement();
+            if (key.equalsIgnoreCase("img") || key.equalsIgnoreCase("image") ||
+                key.equalsIgnoreCase("file") || key.equalsIgnoreCase("filename")){
+                filename = request.getParameter(key);
+                if (filename!=null){
+                    break;
+                }
+            }
+        }
+        if (filename==null) filename = request.getQueryString();
+
+      //If no file found in the querystring, use the path from the url
+        if (filename==null){
+            String path = request.getURL().getPath();
+            path = path.substring(path.indexOf(Path)).substring(Path.length());
+            if (!path.endsWith("/")) filename = path;
+        }
+
+
+      //Remove any leading path separators
+        if (filename!=null){
+            if (filename.startsWith("/")||filename.startsWith("\\")){
+                filename = filename.substring(1);
+            }
+        }
+
+
+
+      //Validate the filename/path
+        if (filename==null || filename.equals("") || filename.contains("..") ||
+            filename.toLowerCase().contains("keystore")){
+            throw new ServletException(400);
+        }
+        else{
+          //Make sure none of the directories/files in the path are "hidden"
+            for (String path : filename.replace("\\", "/").split("/")){
+                if (path.trim().startsWith(".")){
+                    throw new ServletException(400);
+                }
+            }
+        }
+
+
+
+        file = new javaxt.io.File(share.toString() + filename);
+        if (!file.exists()) file = new javaxt.io.File(share.toString() + "downloads/" + filename);
+
+        //System.out.println("Download:  " + file);
+
+        if (!file.exists()){
+            throw new ServletException();
+        }
+
+    }
+
+    
+    public javaxt.io.File getFile(){
+        return file;
+    }
+
+  //**************************************************************************
+  //** sendFile
+  //**************************************************************************
+  /**  Used to send a static file to the client.
+   */
+    public void send(HttpServletResponse response) throws java.io.IOException {
+        String contentType = file.getContentType();
+        if (file.getExtension().equalsIgnoreCase("xml")) contentType = "text/xml";
+        response.write(file.toFile(), contentType, true);
+    }
+
+}