Java Code Examples for com.xnx3.StringUtil

The following examples show how to use com.xnx3.StringUtil. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: wangmarket   Source File: AdminNewsController.java    License: Apache License 2.0 6 votes vote down vote up
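/**
 * Shows the admin detail page for a single news item.
 *
 * @param id    News.id of the item to display
 * @param model Spring MVC model that receives the attributes used by the view
 * @return the view name {@code admin/news/view}, or the result of {@code error(model, ...)}
 *         when the news item or the site it belongs to cannot be found
 */
@RequiresPermissions("adminNewsView")
@RequestMapping("view${url.suffix}")
public String view(@RequestParam(value = "id", required = true , defaultValue="") int id, Model model){
	News news = sqlService.findById(News.class, id);
	if(news == null){
		return error(model, "信息不存在");
	}
	NewsData newsData = sqlService.findById(NewsData.class, id);

	Site site = sqlService.findById(Site.class, news.getSiteid());
	if(site == null){
		return error(model, "信息所属网站不存在");
	}

	// A News row may exist without a matching NewsData row; show an empty body in that
	// case instead of failing with a NullPointerException.
	String rawText = (newsData == null) ? "" : newsData.getText();

	// The body is author-supplied HTML, so it is filtered before it reaches the view.
	// NOTE(review): filterXss is not visible here; confirm it is sufficient for the context
	// in which the template emits "text", and that "news"/"site" fields are output-encoded.
	model.addAttribute("text", StringUtil.filterXss(rawText));
	model.addAttribute("news", news);
	model.addAttribute("site", site);
	model.addAttribute("AttachmentFileUrl", AttachmentFile.netUrl());
	return "admin/news/view";
}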
 
Example 2
Source Project: wangmarket   Source File: TemplateCMS.java    License: Apache License 2.0 6 votes vote down vote up
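/**
 * Helper for {@link #replaceSiteColumnBlock(String, Map, Map, Map)}: fills the
 * {@code <!--List_Start-->} ... {@code <!--List_End-->} section of a column template with
 * rendered news items.
 *
 * @param newsListTemplate template of the article list taken from the column
 * @param start_number index of the first record to show; 1 skips the first record and
 *        starts at the second. Negative values are treated as 0.
 * @param number how many records the list shows
 * @param itemTemp template of a single list item, containing the dynamic tags
 * @param columnNewsMap key: column code name, value: the news list of that column
 * @param siteColumn the current column
 * @param newsDataMap news content indexed by newsData.id
 * @return the template with the list section replaced; {@code ""} when the template is
 *         {@code null}; the template unchanged when it has no list marker
 */
private String replaceSiteColumnBlock_replaceNews(String newsListTemplate, int start_number, int number, String itemTemp, Map<String, List<News>> columnNewsMap, SiteColumn siteColumn, Map<Integer, NewsDataBean> newsDataMap){
	if(newsListTemplate == null){
		return "";
	}
	// Without the start marker there is no list section to fill in.
	if(!newsListTemplate.contains("<!--List_Start-->")){
		return newsListTemplate;
	}

	StringBuilder items = new StringBuilder();	// rendered list items
	List<News> list = columnNewsMap.get(siteColumn.getCodeName());	// data source of the list

	// A column without any news has no map entry; render an empty list instead of
	// dereferencing null.
	if(list != null){
		int first = Math.max(start_number, 0);
		// long arithmetic so a very large "number" cannot overflow into a negative bound
		long end = (long) first + number;
		for (int i = first; i < list.size() && i < end; i++) {
			News news = list.get(i);
			// NOTE(review): the result is inserted as raw HTML; any escaping of news fields
			// has to happen inside replaceNewsTag, which is not visible here.
			items.append(replaceNewsTag(itemTemp, news, siteColumn, newsDataMap.get(news.getId())));
		}
	}
	return StringUtil.subStringReplace(newsListTemplate+" ", "<!--List_Start-->", "<!--List_End-->", items.toString());
}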
 
Example 3
Source Project: wangmarket   Source File: UserServiceImpl.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Updates the nickname of the currently logged-in user from the request parameter
 * "nickname".
 *
 * The value is passed through StringUtil.filterXss first; the length limits (1 to 15
 * characters) are checked on the filtered value.
 *
 * @param request request carrying the "nickname" parameter
 * @return a BaseVO whose info is the stored nickname, or a FAILURE result when the
 *         nickname is empty or longer than 15 characters
 */
public BaseVO updateNickname(HttpServletRequest request) {
	BaseVO result = new BaseVO();

	String filtered = StringUtil.filterXss(request.getParameter("nickname"));
	String nickname = (filtered == null) ? "" : filtered;

	if(nickname.isEmpty()){
		result.setBaseVO(BaseVO.FAILURE, Language.show("user_updateNicknameNotNull"));
		return result;
	}
	if(nickname.length() > 15){
		result.setBaseVO(BaseVO.FAILURE, Language.show("user_updateNicknameSizeFailure"));
		return result;
	}

	// Persist the change, then mirror it into the session copy of the user.
	User currentUser = sqlDAO.findById(User.class, ShiroFunc.getUser().getId());
	currentUser.setNickname(nickname);
	sqlDAO.save(currentUser);
	ShiroFunc.getUser().setNickname(nickname);

	result.setInfo(nickname);
	return result;
}
 
Example 4
Source Project: wangmarket   Source File: UserServiceImpl.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Updates the signature text of the currently logged-in user from the request parameter
 * "sign".
 *
 * @param request request carrying the "sign" parameter; a missing parameter is treated as
 *        an empty string
 * @return a BaseVO, set to FAILURE when the filtered signature is longer than 40 characters
 */
public BaseVO updateSign(HttpServletRequest request) {
	BaseVO result = new BaseVO();

	String rawSign = request.getParameter("sign");
	// Strip HTML tags first, then apply the project's Safety filter (the original comment
	// describes this as filtering HTML tags, SQL injection and XSS).
	String sign = Safety.filter(StringUtil.filterHtmlTag(rawSign == null ? "" : rawSign));

	// The limit applies to the filtered value, i.e. to what is actually stored.
	if(sign.length() > 40){
		result.setBaseVO(BaseVO.FAILURE, Language.show("user_updateSignSizeFailure"));
		return result;
	}

	// Persist the change, then mirror it into the session copy of the user.
	User currentUser = sqlDAO.findById(User.class, ShiroFunc.getUser().getId());
	currentUser.setSign(sign);
	sqlDAO.save(currentUser);
	ShiroFunc.getUser().setSign(sign);

	return result;
}
 
Example 5
Source Project: xnx3   Source File: HttpUtil.java    License: Apache License 2.0 6 votes vote down vote up
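/**
 * Sends a JSON document with an HTTP POST request and parses the JSON answer.
 *
 * @param url  target URL
 * @param json request body; serialised with {@code toString()} and sent as UTF-8
 * @return the parsed response body when the server answers 200 OK, otherwise {@code null}
 * @throws RuntimeException wrapping any exception raised while sending or parsing
 */
public static JSONObject doPost(String url,JSONObject json){
    DefaultHttpClient client = new DefaultHttpClient();
    HttpPost post = new HttpPost(url);
    JSONObject response = null;
    try {
        StringEntity body = new StringEntity(json.toString(),"UTF-8");
        body.setContentEncoding("UTF-8");
        body.setContentType("application/json");	// required when sending JSON data
        post.setEntity(body);
        post.setHeader("Content-Type", "application/json; charset=UTF-8");
        post.setHeader("Accept-Charset","UTF-8");

        // The request body is deliberately not written to stdout: it can carry credentials
        // or personal data, and console output usually ends up in shared log files.

        HttpResponse res = client.execute(post);
        if(res.getStatusLine().getStatusCode() == HttpStatus.SC_OK){
            // Decode as UTF-8 when the response does not declare a charset.
            String result = EntityUtils.toString(res.getEntity(), "UTF-8");
            response = JSONObject.fromObject(result);
        }
    } catch (Exception e) {
        throw new RuntimeException(e);
    } finally {
        // Release the connections held by this one-shot client on every path.
        client.getConnectionManager().shutdown();
    }
    return response;
}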
 
Example 6
Source Project: templatespider   Source File: Global.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Returns the directory of the current application followed by the template domain, for
 * example /Users/apple/Desktop/MyEclipseWork/templaete/bin/wang.market/
 *
 * The classpath root is resolved once and kept in the static field localTemplatePath.
 *
 * @return classpath root + templateDomain + "/"
 */
public static String getLocalTemplatePath(){
	if(localTemplatePath != null){
		return localTemplatePath+templateDomain+"/";
	}

	localTemplatePath = Global.class.getResource("/").getPath();
	// A '%' means the path is URL-encoded (for example non-ASCII directory names);
	// decode it back into a plain path.
	boolean urlEncoded = localTemplatePath.contains("%");
	if(urlEncoded){
		localTemplatePath = StringUtil.urlToString(localTemplatePath);
	}
	// NOTE(review): templateDomain is appended without validation here; confirm it cannot
	// carry path separators or ".." when it originates from external input.
	return localTemplatePath+templateDomain+"/";
}
 
Example 7
Source Project: templatespider   Source File: TemplateCompute.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Looks for the element of a template body that is most similar to the given element.
 *
 * Only elements with the same tag name as {@code diff} are compared. Similarity is computed
 * by com.xnx3.util.StringUtil.similarity; the original documentation describes it as a
 * value from 0 to 1, where values closer to 1 mean more similar.
 *
 * @param template template whose body element is searched
 * @param diff element to look for
 * @return a VO holding the best match and its similarity; its result is FAILURE when the
 *         body contains no element with the tag name of {@code diff}
 */
public ElementDiffVO findElementByTemplate(Template template, Element diff){
	Element body = template.getBodyElement();

	ElementDiffVO best = new ElementDiffVO();
	best.setDiffElement(diff);
	best.setTargetFile(template.getFile());

	Elements candidates = body.getElementsByTag(diff.tagName());
	if(candidates.isEmpty()){
		// No element with this tag at all, so there is nothing to compare against.
		best.setResult(BaseVO.FAILURE);
		return best;
	}

	// Keep the candidate with the highest similarity seen so far.
	for (Element candidate : candidates) {
		double score = com.xnx3.util.StringUtil.similarity(diff, candidate);
		if(score > best.getD()){
			best.setD(score);
			best.setTargetElement(candidate);
		}
	}

	return best;
}
 
Example 8
Source Project: wangmarket   Source File: SystemSetAgencyController.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Saves the notice text of the current agency.
 *
 * @param request the current request
 * @param value the new notice text; passed through StringUtil.filterXss before it is stored
 * @return success, or an error result when the current user is not an agency
 */
@RequiresPermissions("agencyIndex")
@RequestMapping("saveNotice${url.suffix}")
@ResponseBody
public BaseVO saveNotice(HttpServletRequest request,
		@RequestParam(value = "value", required = true) String value){
	Agency agency = getMyAgency();
	if(agency == null){
		return error("您不是代理,无权操作");
	}
	// NOTE(review): the notice is filtered on input only; the page that renders it should
	// still encode it for its output context.
	String notice = StringUtil.filterXss(value);

	// The id comes from the server-side agency record, not from the request.
	String lookupSql = "SELECT * FROM agency_data WHERE id = "+getMyAgency().getId();
	AgencyData agencyData = sqlService.findAloneBySqlQuery(lookupSql, AgencyData.class);
	if(agencyData == null){
		// Agencies created before version 4.4 have no agency_data row yet; create it now.
		agencyData = new AgencyData();
		agencyData.setId(agency.getId());
	}
	agencyData.setNotice(notice);
	sqlService.save(agencyData);

	// Refresh the copy cached in the session.
	com.xnx3.wangmarket.admin.Func.getUserBeanForShiroSession().setMyAgencyData(agencyData);

	// Record the action in the operation log.
	AliyunLog.addActionLog(agencyData.getId(), "代理更改公告");

	return success();
}
 
Example 9
Source Project: wangmarket   Source File: KeFu.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Writes the customer-service ("kefu") information of a site into its cache file.
 * Does nothing when {@code site} is {@code null}.
 *
 * @param site site the customer-service account belongs to
 * @param nickname display name of the customer-service account
 * @param head avatar of the customer-service account
 * @param im IM settings providing the useKefu flag and the auto-reply text
 */
public void kefuInfo(Site site, String nickname, String head, Im im){
	if(site != null){
		createCacheObject("kefu");
		cacheAdd("useKefu", im.getUseKefu());
		// Free-text values go through StringUtil.StringToUtf8 before they are cached.
		cacheAdd("nickname", StringUtil.StringToUtf8(nickname));
		// NOTE(review): "head" is cached as-is; confirm it is validated where it is set.
		cacheAdd("head", head);
		cacheAdd("autoReply", StringUtil.StringToUtf8(im.getAutoReply()));
		generateCacheFile(site);
	}
}
 
Example 10
Source Project: wangmarket   Source File: TemplateVO.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Returns the original form of a string read from the template JSON.
 *
 * @param text string taken from the JSON
 * @return {@code ""} for {@code null}; the result of StringUtil.utf8ToString when this
 *         template is flagged as UTF8-encoded (isUtf8Encode); otherwise the text unchanged
 */
public String getJsonString(String text){
	if(text == null){
		return "";
	}
	// Only decode when the template declares that its strings were encoded.
	return this.isUtf8Encode ? StringUtil.utf8ToString(text) : text;
}
 
Example 11
Source Project: wangmarket   Source File: TemplateVO.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Reads a String value from a JSON object, decodes it with getJsonString and passes the
 * result through StringUtil.filterXss.
 *
 * @param json JSON object to read from; may be {@code null}
 * @param key name of the value to read
 * @return the decoded and filtered value, or {@code ""} when the object or the value is
 *         missing
 */
public String getJsonStringAndFilterXSS(JSONObject json, String key){
	boolean missing = json == null || json.get(key) == null;
	if(missing){
		return "";
	}

	// Decode first, then filter: filtering the encoded form could miss markup that only
	// appears after decoding.
	String decoded = getJsonString(json.getString(key));
	return StringUtil.filterXss(decoded);
}
 
Example 12
Source Project: wangmarket   Source File: SqlDAO.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Determines the database table name of a JPA entity class.
 *
 * @param c entity class, for example User.class
 * @return the name given in the class's javax.persistence.Table annotation when it is
 *         present and non-empty; otherwise the simple class name with its first character
 *         lower-cased
 */
public static String getDatabaseTableName(Class c){
	Table annotation = (Table) c.getAnnotation(javax.persistence.Table.class);

	boolean hasExplicitName = annotation != null && annotation.name() != null && annotation.name().length() > 0;
	if(hasExplicitName){
		return annotation.name();
	}
	// No usable annotation: fall back to the class name.
	return StringUtil.firstCharToLowerCase(c.getSimpleName());
}
 
Example 13
Source Project: wangmarket   Source File: SmsLogServiceImpl.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Sends the verification code used for logging in with a phone number.
 *
 * @param request {@link HttpServletRequest}; the form has to submit the parameter
 *        "phone" (the number the code is sent to)
 * @return {@link BaseVO} the result of sendSMS when that step does not succeed; otherwise
 *         SUCCESS or FAILURE depending on the outcome of the SMS gateway call
 */
public BaseVO sendPhoneLoginCode(HttpServletRequest request) {
	// NOTE(review): the number is only passed through filterXss here; whether its format
	// and the send frequency are checked depends on sendSMS, which is not visible.
	String phone = StringUtil.filterXss(request.getParameter("phone"));
	BaseVO baseVO = sendSMS(request, phone, SmsLog.TYPE_LOGIN);
	if(baseVO.getResult() - BaseVO.SUCCESS != 0){
		return baseVO;
	}

	// Put the code carried in baseVO.getInfo() into the localized text and send the SMS.
	String message = Language.show("sms_loginSendCodeText").replaceAll("\\$\\{code\\}", baseVO.getInfo()+"");
	String sendError = SMSUtil.send(phone, message);
	if(sendError == null){
		// null from SMSUtil.send is treated as success.
		baseVO.setBaseVO(BaseVO.SUCCESS, Language.show("sms_codeSendYourPhoneSuccess"));
	}else{
		baseVO.setBaseVO(BaseVO.FAILURE, Language.show("sms_saveFailure")+"-"+sendError);
	}
	return baseVO;
}
 
Example 14
Source Project: wangmarket   Source File: LocalServerMode.java    License: Apache License 2.0 5 votes vote down vote up
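/**
 * Checks whether a directory exists and creates it (including missing parents) when it
 * does not. Intended for storage on the local disk.
 *
 * @param path directory to check, as a relative path. Either a directory ending in "/",
 *        such as "jar/file/", or a file path such as "jar/file/a.jar", in which case the
 *        file name is dropped and "jar/file/" is created. {@code null} is ignored.
 */
public static void directoryInit(String path){
	if(path == null){
		return;
	}

	// Windows paths use '\'; normalise them to '/'. The test is "> -1" so that a backslash
	// at index 0 or 1 (for example "a\b") is normalised as well.
	if(path.indexOf("\\") > -1){
		path = StringUtil.replaceAll(path, "\\\\", "/");
	}

	if(path.length() - path.lastIndexOf("/") > 1){
		// The path ends with a file name; cut it off and keep the part ending in "/".
		path = path.substring(0, path.lastIndexOf("/")+1);
	}

	// Only walk the path when the directory does not exist yet.
	if(!FileUtil.exists(path)){
		String[] segments = path.split("/");

		// NOTE(review): segments such as ".." are not rejected. If this path can be
		// influenced by request data, resolve it against the base directory and verify
		// that the result still lies inside it before creating anything.
		String relative = "";
		for (int i = 0; i < segments.length; i++) {
			if(segments[i].length() > 0){
				relative = relative + segments[i]+"/";
				if(!FileUtil.exists(AttachmentFile.localFilePath+relative)){
					File dir = new File(AttachmentFile.localFilePath+relative);
					dir.mkdir();
				}
			}
		}
	}
}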
 
Example 15
Source Project: wangmarket   Source File: AttachmentFile.java    License: Apache License 2.0 5 votes vote down vote up
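/**
 * Uploads a file under a newly generated name.
 *
 * @param filePath directory the file is stored in, for example "jar/file/"
 * @param fileName name of the uploaded file, for example "xnx3.jar", or just its suffix,
 *        for example ".jar". Only the suffix is used; the stored name is uuid + "." + suffix.
 * @param inputStream {@link InputStream} with the file content
 * @return {@link UploadFileVO}; its result is FAILURE when the file name has no usable
 *         suffix
 */
public static UploadFileVO put(String filePath,String fileName,InputStream inputStream){
	UploadFileVO vo = new UploadFileVO();

	// The file name has to carry a suffix.
	if(fileName == null || fileName.indexOf(".") == -1){
		vo.setBaseVO(UploadFileVO.FAILURE, "上传的文件名(后缀)校验失败!传入的为:"+fileName+",允许传入的值如:a.jpg或.jpg");
		return vo;
	}

	String fileSuffix = StringUtil.subString(fileName, ".", null, 3);	// suffix used for the new name

	// The suffix becomes part of the storage path, so it may only consist of alphanumeric
	// parts separated by single dots ("jpg", "tar.gz"). This keeps path separators and
	// other special characters supplied in the file name out of the path.
	if(fileSuffix == null || !fileSuffix.matches("[A-Za-z0-9]+(\\.[A-Za-z0-9]+)*")){
		vo.setBaseVO(UploadFileVO.FAILURE, "上传的文件名(后缀)校验失败!传入的为:"+fileName+",允许传入的值如:a.jpg或.jpg");
		return vo;
	}

	// NOTE(review): no allowlist of file types is applied here; if the storage location is
	// served by the application, restrict the accepted suffixes at the caller or in
	// put(path, inputStream).
	String name = Lang.uuid()+"."+fileSuffix;
	String path = filePath+name;
	return put(path, inputStream);
}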
 
Example 16
Source Project: wangmarket   Source File: AgencyUserController.java    License: Apache License 2.0 4 votes vote down vote up
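/**
 * Verifies the identity of an API caller.
 *
 * The key has the form {@code <userid>_<128 characters>}; the second part is compared with
 * passwordMD5 of the user's stored password.
 *
 * @param key the key to verify
 * @return {@link UserVO}; on success the user is set, otherwise the result is FAILURE
 */
private UserVO apiIdentityVerify(String key){
	UserVO vo = new UserVO();

	/*
	 * Check the format of the key.
	 */
	if(key == null || key.length() < 128 || key.indexOf("_") == -1){
		vo.setBaseVO(UserVO.FAILURE, "key错误1");
		return vo;
	}

	// split drops trailing empty parts, so a key such as "abc..._" yields fewer than two
	// elements; check the length before indexing.
	String[] ks = key.split("_");
	if(ks.length < 2 || ks[0].length() == 0 || ks[1].length() == 0){
		vo.setBaseVO(UserVO.FAILURE, "key错误2");
		return vo;
	}

	int userid = Lang.stringToInt(ks[0], 0);
	if(userid == 0){
		vo.setBaseVO(UserVO.FAILURE, "key错误3");
		return vo;
	}
	String pwd = StringUtil.removeBlank(ks[1]);
	if(pwd.length() != 128){
		vo.setBaseVO(UserVO.FAILURE, "key错误4");
		return vo;
	}

	/*
	 * Check that the key belongs to an existing user.
	 */
	User user = sqlService.findById(User.class, userid);
	if(user == null){
		// The original comment asks for a uniform message so the answer cannot be abused.
		// NOTE(review): the numeric suffix still tells "unknown user" (5) apart from
		// "wrong secret" (6); consider returning the same text for both.
		vo.setBaseVO(UserVO.FAILURE, "key错误5");
		return vo;
	}

	// Compare in constant time so the response time does not reveal how many leading
	// characters of the secret matched.
	// NOTE(review): the key is derived from the stored password value; anyone who can read
	// that value can build a valid key.
	String expected = String.valueOf(passwordMD5(user.getPassword()));
	boolean matches = java.security.MessageDigest.isEqual(
			expected.getBytes(java.nio.charset.StandardCharsets.UTF_8),
			pwd.getBytes(java.nio.charset.StandardCharsets.UTF_8));
	if(!matches){
		vo.setBaseVO(UserVO.FAILURE, "key错误6");
		return vo;
	}

	vo.setUser(user);
	return vo;
}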
 
Example 17
Source Project: wangmarket   Source File: TransactionalServiceImpl.java    License: Apache License 2.0 4 votes vote down vote up
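/**
 * Creates a user account and a site on behalf of an agency and charges one unit of the
 * agency's site balance.
 *
 * @param request the current request (used for registration and for the client IP in logs)
 * @param agency the agency that opens the site; its site balance is reduced by one
 * @param user the account to register
 * @param site the site to create; client type and a name of 1 to 30 characters are required
 * @param email e-mail address of the new user
 * @return on success a BaseVO whose info is {@code <userid>_<passwordMD5 value>}; otherwise
 *         a FAILURE result with a message
 */
@Override
public BaseVO agencyCreateSite(HttpServletRequest request, Agency agency,
		User user, Site site, String email) {
	BaseVO vo = new BaseVO();

	// "<= 0" rather than "== 0": a balance that has become negative must not allow
	// further sites to be opened.
	if(agency.getSiteSize() <= 0){
		vo.setBaseVO(BaseVO.FAILURE, "您的账户余额还剩 "+agency.getSiteSize()+" 站,不足以再开通网站!请联系相关人员充值");
		return vo;
	}

	if(site.getClient() == 0){
		vo.setBaseVO(BaseVO.FAILURE, "请选择站点类型,是电脑网站呢,还是手机网站呢?");
		return vo;
	}
	// A missing name is rejected like an empty one instead of raising a NullPointerException.
	String siteName = site.getName();
	if(siteName == null || siteName.length() == 0 || siteName.length() > 30){
		vo.setBaseVO(BaseVO.FAILURE, "请输入1~30个字符的要建立的站点名字");
		return vo;
	}

	// Create the user.
	user.setPhone(StringUtil.filterXss(Sql.filter(site.getPhone())));
	user.setEmail(StringUtil.filterXss(Sql.filter((email))));
	user.setOssSizeHave(agency.getRegOssHave());
	user.setReferrerid(agency.getUserid());	// the new user's referrer is the agency itself
	UserVO userVO = regUser(user, request, false);
	if(userVO.getResult() != BaseVO.SUCCESS){
		vo.setBaseVO(BaseVO.FAILURE, userVO.getInfo());
		return vo;
	}

	// Create the site; it expires after 366 days.
	site.setExpiretime(DateUtil.timeForUnix10() + 31622400);
	site.setmShowBanner(Site.MSHOWBANNER_SHOW);
	SiteVO siteVO = siteService.saveSite(site, userVO.getUser().getId(), request);
	if(siteVO.getResult() - SiteVO.SUCCESS != 0){
		vo.setBaseVO(BaseVO.FAILURE, "添加用户成功,但添加站点失败!");
		return vo;
	}

	// Charge the agency one unit.
	// NOTE(review): the balance is read, checked and written back in separate steps; two
	// concurrent requests could both pass the check. Confirm that the surrounding
	// transaction or a row lock prevents this.
	agency.setSiteSize(agency.getSiteSize() - 1);
	sqlDAO.save(agency);
	// (The original keeps a disabled snippet here that refreshed the agency cached in the
	// Shiro session for logged-in users.)

	// Record the balance change in the database.
	SiteSizeChange ssc = new SiteSizeChange();
	ssc.setAddtime(DateUtil.timeForUnix10());
	ssc.setAgencyId(agency.getId());
	ssc.setChangeAfter(agency.getSiteSize());
	ssc.setChangeBefore(agency.getSiteSize()+1);
	ssc.setGoalid(siteVO.getSite().getId());
	ssc.setSiteSizeChange(-1);
	ssc.setUserid(agency.getUserid());
	sqlDAO.save(ssc);

	// Record the balance change in the log service.
	SiteSizeChangeLog.xiaofei(agency.getName(), "代理开通网站:"+site.getName(), ssc.getSiteSizeChange(), ssc.getChangeBefore(), ssc.getChangeAfter(), ssc.getGoalid(), IpUtil.getIpAddress(request));

	// Record the action log.
	AliyunLog.addActionLog(site.getId(), "开通网站:"+site.getName());

	// NOTE(review): the returned value is derived from the stored password value and is
	// handed to the caller; treat it as a credential in logs and transport.
	vo.setInfo(userVO.getUser().getId()+"_"+passwordMD5(userVO.getUser().getPassword()));
	return vo;
}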
 
Example 18
Source Project: wangmarket   Source File: TransactionalServiceImpl.java    License: Apache License 2.0 4 votes vote down vote up
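/**
 * Registers a new user, either a regular site user or an agency.
 *
 * @param user the account data; username, e-mail and phone are filtered, and the password
 *        is replaced by its salted hash before the record is saved
 * @param request the current request, used for the registration IP
 * @param isAgency {@code true} to register an agency (the phone number must then be
 *        unique), {@code false} for a regular user
 * @return a UserVO with result SUCCESS and the saved user, or FAILURE with a message
 */
@Override
public UserVO regUser(User user, HttpServletRequest request,
		boolean isAgency) {
	UserVO baseVO = new UserVO();
	user.setUsername(StringUtil.filterXss(user.getUsername()));
	user.setEmail(Safety.filter(user.getEmail()));
	user.setPhone(Safety.filter(user.getPhone()));

	// An empty user name is rejected. The original set the failure but kept going, so an
	// account with an empty name could still be created; return here.
	if(user.getUsername()==null||user.getUsername().equals("")){
		baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_userNameToLong"));
		return baseVO;
	}

	// The user name has to be unique.
	if(sqlDAO.findByProperty(User.class, "username", user.getUsername()).size() > 0){
		baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_regFailureForUsernameAlreadyExist"));
		return baseVO;
	}

	// An e-mail address that is already registered is silently dropped.
	if(sqlDAO.findByProperty(User.class, "email", user.getEmail()).size() > 0){
		user.setEmail("");
	}

	// A phone number that is already in use is an error for agencies and is silently
	// dropped for regular users.
	if(user.getPhone() != null && user.getPhone().length() > 0){
		if(sqlDAO.findByProperty(User.class, "phone", user.getPhone()).size() > 0){
			if(isAgency){
				// For an agency the phone number is mandatory and unique.
				baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_regFailureForPhoneAlreadyExist"));
				return baseVO;
			}else{
				// For a plain site user the phone number may be empty.
				user.setPhone("");
			}
		}
	}

	user.setRegip(IpUtil.getIpAddress(request));
	user.setLastip(IpUtil.getIpAddress(request));
	user.setRegtime(DateUtil.timeForUnix10());
	user.setLasttime(DateUtil.timeForUnix10());
	user.setNickname(user.getUsername());
	user.setAuthority(isAgency? Global.get("AGENCY_ROLE")+"":Global.get("USER_REG_ROLE"));	// agency or member permission
	user.setCurrency(0);
	user.setFreezemoney(0F);
	user.setMoney(0F);
	user.setIsfreeze(User.ISFREEZE_NORMAL);
	user.setHead("default.png");
	user.setIdcardauth(User.IDCARDAUTH_NO);

	// Draw the salt from a cryptographically strong generator. The format (four decimal
	// digits) is kept so existing storage and login code keep working.
	// NOTE(review): four digits give only 10,000 possible salts, and the hash below is
	// MD5-based; moving to a longer salt and a password hashing scheme such as bcrypt or
	// argon2 needs a coordinated change of the login path.
	Random random = new java.security.SecureRandom();
	user.setSalt(random.nextInt(10)+""+random.nextInt(10)+""+random.nextInt(10)+""+random.nextInt(10)+"");
	String md5Password = new Md5Hash(user.getPassword(), user.getSalt(),Global.USER_PASSWORD_SALT_NUMBER).toString();
	user.setPassword(md5Password);

	sqlDAO.save(user);
	if(user.getId()>0){
		// Give the user the default role configured for agencies or for members.
		UserRole userRole = new UserRole();
		int roleid = isAgency ? Global.getInt("AGENCY_ROLE") : Global.getInt("USER_REG_ROLE");
		userRole.setRoleid(roleid);
		userRole.setUserid(user.getId());
		sqlDAO.save(userRole);

		baseVO.setBaseVO(BaseVO.SUCCESS, Language.show("user_regSuccess"));
		baseVO.setUser(user);
	}else{
		baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_regFailure"));
	}

	return baseVO;
}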
 
Example 19
Source Project: wangmarket   Source File: FormManagePluginController.java    License: Apache License 2.0 4 votes vote down vote up
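/**
 * Accepts a feedback form submission (POST only) and stores it.
 *
 * Submissions are throttled per client IP. Every request parameter except "siteid" and
 * "title" is stored, after XSS filtering, as a JSON array in the form data.
 *
 * @param request the current request; all of its parameters are read
 * @param model unused
 * @param siteid id of the site the form belongs to; must be greater than 0
 * @param title title of the submission
 * @return success, or an error result when the request is throttled, the site id is
 *         missing, the content is too long or saving fails
 */
@RequestMapping(value="formAdd${url.suffix}", method = RequestMethod.POST)
@ResponseBody
public BaseVO formAdd(HttpServletRequest request, Model model,
		@RequestParam(value = "siteid", required = false , defaultValue="0") int siteid,
		@RequestParam(value = "title", required = false , defaultValue="") String title){
	// NOTE(review): throttling relies on IpUtil.getIpAddress; if that helper trusts
	// client-supplied forwarding headers, the limit can be sidestepped. Confirm.
	String ip = IpUtil.getIpAddress(request);
	Frequency frequency = frequencyMap.get(ip);
	int currentTime = DateUtil.timeForUnix10();	// current 10-digit Unix timestamp
	// Nothing submitted from this IP today yet: create a record.
	if(frequency == null){
		frequency = new Frequency();
		frequency.setIp(ip);
	}

	// Too soon after the previous submission: count the attempt and refuse.
	if(frequency.getForbidtime() > currentTime){
		frequency.setErrorNumber(frequency.getErrorNumber()+1);
		frequencyMap.put(ip, frequency);	// temporary storage, cleared once a day
		return error("距离上次提交时间太短,等会再试试吧");
	}

	// From here on the submission is allowed.
	frequency.setLasttime(currentTime);	// time of the last submission
	frequency.setForbidtime(currentTime + FeedbackTimeInterval);	// no further submission before this time
	frequencyMap.put(ip, frequency);	// temporary storage, cleared once a day

	title = StringUtil.filterXss(title);
	if(siteid <= 0){
		return error("请传入您的站点id(siteid),不然,怎么知道此反馈表单是属于哪个网站的呢?");
	}

	// Build and validate the content before anything is written, so that an oversized
	// submission does not leave a Form row without its FormData behind.
	Map<String, String[]> params = new HashMap<String, String[]>();
	params.putAll(request.getParameterMap());
	// siteid and title are stored on the form itself, not in the content.
	params.remove("siteid");
	params.remove("title");

	JSONArray jsonArray = new JSONArray();	// content stored in the text column
	for (Map.Entry<String, String[]> entry : params.entrySet()) {
		JSONObject json = new JSONObject();
		JSONArray valueJsonArray = new JSONArray();

		// Both names and values come straight from the request, so both are filtered.
		for (String rawValue : entry.getValue()) {
			valueJsonArray.add(StringUtil.filterXss(rawValue));
		}
		json.put(StringUtil.filterXss(entry.getKey()), valueJsonArray);
		jsonArray.add(json);
	}
	String text = jsonArray.toString();
	if(text.length() > textMaxLength){
		return error("信息太长,非法提交!");
	}

	Form form = new Form();
	form.setAddtime(DateUtil.timeForUnix10());
	form.setSiteid(siteid);
	form.setState(Form.STATE_UNREAD);
	form.setTitle(title);
	sqlService.save(form);
	if(form.getId() == null || form.getId() <= 0){
		return error("保存失败");
	}

	FormData formData = new FormData();
	formData.setId(form.getId());
	formData.setText(text);
	sqlService.save(formData);

	// Record the action log.
	AliyunLog.addActionLog(form.getId(), "提交表单反馈", form.getTitle());

	return success();
}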
 
Example 20
Source Project: wangmarket   Source File: KeyManageServiceImpl.java    License: Apache License 2.0 4 votes vote down vote up
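/**
 * Verifies an API key and returns the user it belongs to, together with the user's site
 * or agency record.
 *
 * The key has the form {@code <userid>_<128 characters>}; the second part is compared with
 * passwordMD5 of the user's stored password. Successful results are kept in keyUserMap.
 *
 * @param key the key to verify
 * @return a UserBeanVO with the user (and site or agency) on success, otherwise a FAILURE
 *         result with a message
 */
public UserBeanVO verify(String key) {
	UserBeanVO vo = new UserBeanVO();

	/*
	 * Check the format of the key.
	 */
	if(key == null || key.length() < 128 || key.indexOf("_") == -1){
		vo.setBaseVO(UserVO.FAILURE, "key格式错误1");
		return vo;
	}

	// split drops trailing empty parts, so check the length before indexing.
	String[] ks = key.split("_");
	if(ks.length < 2 || ks[0].length() == 0 || ks[1].length() == 0){
		vo.setBaseVO(UserVO.FAILURE, "key格式错误");
		return vo;
	}

	int userid = Lang.stringToInt(ks[0], 0);
	if(userid == 0){
		vo.setBaseVO(UserVO.FAILURE, "key错误3");
		return vo;
	}
	String pwd = StringUtil.removeBlank(ks[1]);
	if(pwd.length() != 128){
		vo.setBaseVO(UserVO.FAILURE, "key位处出错");
		return vo;
	}

	/*
	 * Look the key up: memory first, then the database.
	 */
	// NOTE(review): a cached entry is returned without consulting the database again, so a
	// key appears to stay valid after the password changes until the entry is removed.
	// Confirm that keyUserMap is invalidated on password change and account freeze.
	UserBeanVO cached = keyUserMap.get(key);
	if(cached != null){
		return cached;
	}

	User user = sqlDAO.findById(User.class, userid);
	if(user == null){
		// NOTE(review): this message differs from the one for a wrong secret below, which
		// lets a caller tell existing user ids apart from unknown ones.
		vo.setBaseVO(UserVO.FAILURE, "用户不存在");
		return vo;
	}

	// Compare in constant time so the response time does not reveal how many leading
	// characters of the secret matched.
	String expected = String.valueOf(passwordMD5(user.getPassword()));
	boolean matches = java.security.MessageDigest.isEqual(
			expected.getBytes(java.nio.charset.StandardCharsets.UTF_8),
			pwd.getBytes(java.nio.charset.StandardCharsets.UTF_8));
	if(!matches){
		vo.setBaseVO(UserVO.FAILURE, "key校验密码错误");
		return vo;
	}
	vo.setUser(user);

	/*
	 * Load the record that matches the user's role.
	 */
	if(Func.isAuthorityBySpecific(user.getAuthority(), Global.get("ROLE_USER_ID"))){
		// Site-building user: load the Site. The id comes from the database record.
		Site site = sqlDAO.findAloneBySqlQuery("SELECT * FROM site WHERE userid = "+user.getId(), Site.class);
		if(site == null){
			vo.setBaseVO(UserBeanVO.FAILURE, "站点不存在");
			return vo;
		}
		vo.setSite(site);
	}else if (Func.isAuthorityBySpecific(user.getAuthority(), Global.get("AGENCY_ROLE"))) {
		// Agency user: load the Agency.
		Agency agency = sqlDAO.findAloneBySqlQuery("SELECT * FROM agency WHERE userid = "+user.getId(), Agency.class);
		if(agency == null){
			vo.setBaseVO(UserBeanVO.FAILURE, "代理上信息不存在");
			return vo;
		}
		vo.setAgency(agency);
	}

	// Verified: cache the result so the next call does not hit the database.
	keyUserMap.put(key, vo);

	return vo;
}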
 
Example 21
Source Project: wangmarket   Source File: SiteController.java    License: Apache License 2.0 4 votes vote down vote up
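/**
 * Changes the domain bound to the current site. The site is taken from the session.
 *
 * @param model unused
 * @param request the current request
 * @param bindDomain the domain to bind; an empty value removes the existing binding
 * @return an empty BaseVO on success, or FAILURE when the domain is malformed or already
 *         bound to a site
 */
@RequestMapping(value="updateBindDomain${url.suffix}", method = RequestMethod.POST)
@ResponseBody
public BaseVO updateBindDomain(Model model,HttpServletRequest request,
		@RequestParam(value = "bindDomain", required = false , defaultValue="") String bindDomain){
	BaseVO vo = new BaseVO();

	bindDomain = StringUtil.filterXss(bindDomain);

	// Since v3.0 an empty value means "remove the current binding".
	if(bindDomain.length() > 0){
		// The value is placed inside a quoted SQL literal below, and an XSS filter does not
		// make it safe for that. Accept only letters, digits, '.', '_' and '-', which
		// excludes quotes, backslashes, whitespace and every other SQL metacharacter.
		if(!bindDomain.matches("[\\p{L}\\p{N}._-]+")){
			vo.setBaseVO(BaseVO.FAILURE, "域名格式不正确");
			return vo;
		}

		// Refuse a domain that is already bound to a site.
		int scount = sqlService.count("site", "WHERE bind_domain = '"+bindDomain+"'");
		if(scount > 0){
			vo.setBaseVO(BaseVO.FAILURE, "此域名已经被绑定过了!");
			return vo;
		}
	}

	// Since v2.1 the site id is taken from the session rather than from the request.
	Site site = sqlService.findById(Site.class, getSiteId());
	String oldBindDomain = site.getBindDomain();
	site.setBindDomain(bindDomain);
	sqlService.save(site);

	// Tell the domain servers about the change.
	MQBean mqBean = new MQBean();
	mqBean.setType(MQBean.TYPE_BIND_DOMAIN);
	mqBean.setOldValue(oldBindDomain);
	mqBean.setSimpleSite(new SimpleSite(site));
	siteService.updateDomainServers(mqBean);

	// Refresh the site cached in the session.
	Func.getUserBeanForShiroSession().setSite(site);

	// Regenerate site.js.
	new com.xnx3.wangmarket.admin.cache.Site().site(site,imService.getImByCache());

	AliyunLog.addActionLog(site.getId(), "修改站点绑定的域名为:"+site.getBindDomain());
	return vo;
}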
 
Example 22
Source Project: wangmarket   Source File: TemplateController.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Parses an uploaded template backup, compares it with the current template and keeps the
 * comparison in the session so another page can show it. Nothing is restored here.
 *
 * The JSON answer ("result" and "info") is written to the response directly.
 *
 * @param model unused
 * @param request the current request; its session receives the comparison result
 * @param response response the JSON answer is written to
 * @param multipartFile the uploaded backup file (form field "templateFile")
 * @throws IOException when the upload cannot be read
 */
@RequestMapping(value="restoreTemplateByLocalhostFile${url.suffix}", method = RequestMethod.POST)
@ResponseBody
public void restoreTemplateByLocalhostFile(Model model,HttpServletRequest request,HttpServletResponse response,
		@RequestParam("templateFile") MultipartFile multipartFile) throws IOException{
	JSONObject json = new JSONObject();

	// Text content of the backup to restore from.
	// NOTE(review): the whole upload is read into memory; confirm that a multipart size
	// limit is configured for this endpoint.
	String backupsTemplateText = StringUtil.inputStreamToString(multipartFile.getInputStream(), "UTF-8");

	TemplateCompareVO tcv = new TemplateCompareVO();

	TemplateVO templateVO = new TemplateVO();
	boolean imported = templateVO.importText(backupsTemplateText);
	if(imported){
		tcv = restoreTemplateCompare(request, templateVO);
		boolean compareFailed = tcv.getResult() - TemplateCompareVO.FAILURE == 0;
		if(compareFailed){
			json.put("result", BaseVO.FAILURE);
			json.put("info", tcv.getInfo());
		}else{
			AliyunLog.addActionLog(getSiteId(), "本地还原模版进行比对预览");

			// Keep the comparison in the session so other pages can display it.
			request.getSession().setAttribute("comparePreviewTCV", tcv);
			request.getSession().setAttribute("comparePreviewTemplateVO", templateVO);

			json.put("result", BaseVO.SUCCESS);
			json.put("info", "成功");
		}
	}else{
		json.put("result", BaseVO.FAILURE);
		json.put("info", "导入失败!模版解析出错");
	}

	response.setCharacterEncoding("UTF-8");
	response.setContentType("application/json; charset=utf-8");
	PrintWriter writer = null;
	try {
		writer = response.getWriter();
		writer.append(json.toString());
	} catch (IOException e) {
		e.printStackTrace();
	} finally {
		if (writer != null) {
			writer.close();
		}
	}
}
 
Example 23
Source Project: wangmarket   Source File: LoginController.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Self-service sign-up: registers an account, logs it in and creates a site for it.
 *
 * @param request the current request
 * @param username user name; passed through StringUtil.filterXss
 * @param email e-mail address, may be empty
 * @param password password
 * @param phone phone number
 * @param code SMS verification code; it is filtered but not checked, because the
 *        verification call below is commented out
 * @return success, or an error result when self-registration is disabled or one of the
 *         steps fails
 */
@RequestMapping(value="userCreateSite${url.suffix}", method = RequestMethod.POST)
@ResponseBody
public BaseVO userCreateSite(HttpServletRequest request,
		@RequestParam(value = "username", required = false , defaultValue="") String username,
		@RequestParam(value = "email", required = false , defaultValue="") String email,
		@RequestParam(value = "password", required = false , defaultValue="") String password,
		@RequestParam(value = "phone", required = false , defaultValue="") String phone,
		@RequestParam(value = "code", required = false , defaultValue="") String code
//		@RequestParam(value = "clilent", required = false , defaultValue="3") Short client
		){
	if(Global.getInt("ALLOW_USER_REG") == 0){
		return error("抱歉,当前禁止用户自行注册开通网站!");
	}
	username = StringUtil.filterXss(username);
	email = filter(email);
	phone = filter(phone);
	code = filter(code);

	// Check of the SMS verification code (disabled).
	// NOTE(review): with this check disabled the phone number is not proven to belong to
	// the caller, and sign-up is limited only by ALLOW_USER_REG.
//	BaseVO verifyVO = smsLogService.verifyPhoneAndCode(phone, code, SmsLog.TYPE_REG, 300);
//	if(verifyVO.getResult() - BaseVO.FAILURE == 0){
//		return verifyVO;
//	}

	// Register the user.
	User user = new User();
	user.setUsername(username);
	user.setPhone(phone);
	user.setEmail(email);
	user.setPassword(password);
	user.setOssSizeHave(G.REG_GENERAL_OSS_HAVE);
	BaseVO regResult = userService.reg(user, request);
	if(regResult.getResult() - BaseVO.FAILURE == 0){
		return regResult;
	}

	// Log the new user in automatically; reg returns the new user id in "info".
	int userid = Lang.stringToInt(regResult.getInfo(), 0);
	if(userid == 0){
		ActionLogCache.insert(request, "warn", "自助开通网站,自动创建账号出现问题。info:"+regResult.getInfo());
		return error("自动创建账号出现问题");
	}
	BaseVO loginResult = userService.loginByUserid(request,userid);
	if(loginResult.getResult() - BaseVO.FAILURE == 0){
		return loginResult;
	}

	// The new user manages every function: grant each entry of the template menu.
	UserBean userBean = new UserBean();
	Map<String, String> allMenus = new HashMap<String, String>();
	for (TemplateMenuEnum menu : TemplateMenuEnum.values()) {
		allMenus.put(menu.id, "1");
	}
	userBean.setSiteMenuRole(allMenus);
	ShiroFunc.getCurrentActiveUser().setObj(userBean);

	// Create the site; it expires after 366 days.
	Site site = new Site();
	site.setExpiretime(DateUtil.timeForUnix10() + 31622400);
	site.setClient(Site.CLIENT_CMS);	// since v4.11 new sites are of type CMS by default
	site.setPhone(phone);
	site.setName("网站名字");
	SiteVO siteVO = siteService.saveSite(site, userid, request);
	boolean created = siteVO.getResult() - SiteVO.SUCCESS == 0;
	AliyunLog.addActionLog(userid, "自助创建网站提交保存",(created ? "成功":"失败")+",username:"+user.getUsername());
	if(!created){
		return error(siteVO.getInfo());
	}
	// Free channel: nothing else to do.
	return success();
}
 
Example 24
Source Project: wangmarket   Source File: KeFu.java    License: Apache License 2.0 4 votes vote down vote up
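/**
 * Builds the JavaScript cache of a site's column navigation.
 *
 * For every column a {@code siteColumn[i]} array with id, name, url, type and icon is
 * emitted. Nothing is written when the list yields no site id.
 *
 * @param siteColumnlist the columns of the site
 * @param site the site the cache file is generated for
 */
public void siteColumn(List<com.xnx3.wangmarket.admin.entity.SiteColumn> siteColumnlist, com.xnx3.wangmarket.admin.entity.Site site) {
	createCacheObject("siteColumn");
	int siteid = 0;
	StringBuilder content = new StringBuilder();
	for (int i = 0; i < siteColumnlist.size(); i++) {
		SiteColumn column = siteColumnlist.get(i);
		if(siteid == 0){
			siteid = column.getSiteid();
		}

		// The URL depends on the column type. Columns of type TYPE_HREF (and any type not
		// listed) keep the URL they already carry; the original had a second, unreachable
		// TYPE_HREF branch that would have set "#".
		if(column.getType() == SiteColumn.TYPE_NEWS){
			column.setUrl("/newsList.do?cid="+column.getId());
		}else if (column.getType() == SiteColumn.TYPE_IMAGENEWS) {
			column.setUrl("/imageNewsList.do?cid="+column.getId());
		}else if (column.getType() == SiteColumn.TYPE_PAGE) {
			column.setUrl(AttachmentFile.netUrl()+"site/"+site.getId()+"/html/"+column.getId()+".html");
		}else if (column.getType() == SiteColumn.TYPE_LEAVEWORD) {
			column.setUrl("/leaveword.do?siteid="+siteid);
		}

		if(column.getIcon() == null || column.getIcon().length() == 0){
			column.setIcon(AttachmentFile.netUrl()+G.DEFAULT_SITE_COLUMN_ICON_URL);
		}
		String icon = column.getIcon().indexOf("://")==-1? AttachmentFile.netUrl()+"site/"+site.getId()+"/column_icon/"+column.getIcon():column.getIcon();

		// name, url and icon are user-editable text placed inside single-quoted JavaScript
		// string literals, so they are escaped for that context.
		content.append(" siteColumn[").append(i).append("] = new Array();")
				.append(" siteColumn[").append(i).append("]['id'] = '").append(column.getId()).append("'; ")
				.append(" siteColumn[").append(i).append("]['name'] = '").append(escapeJsSingleQuoted(StringUtil.Utf8ToString(column.getName()))).append("'; ")
				.append(" siteColumn[").append(i).append("]['url'] = '").append(escapeJsSingleQuoted(column.getUrl())).append("'; ")
				.append(" siteColumn[").append(i).append("]['type'] = '").append(column.getType()).append("'; ")
				.append(" siteColumn[").append(i).append("]['icon'] = '").append(escapeJsSingleQuoted(icon)).append("'; ");
	}

	if(siteid > 0){
		appendContent(content.toString());
		generateCacheFile(site);
	}
}

/** Escapes a value so it can be embedded in a single-quoted JavaScript string literal. */
private static String escapeJsSingleQuoted(String value){
	if(value == null){
		return "null";	// same text plain string concatenation would have produced
	}
	StringBuilder out = new StringBuilder(value.length() + 16);
	for (int i = 0; i < value.length(); i++) {
		char c = value.charAt(i);
		switch (c) {
			case '\\': out.append("\\\\"); break;
			case '\'': out.append("\\'"); break;
			case '"': out.append("\\\""); break;
			case '\n': out.append("\\n"); break;
			case '\r': out.append("\\r"); break;
			case '<': out.append("\\x3C"); break;	// keeps "</script>" from ending an inline script
			case '\u2028': out.append("\\u2028"); break;
			case '\u2029': out.append("\\u2029"); break;
			default: out.append(c);
		}
	}
	return out.toString();
}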
 
Example 25
Source Project: wangmarket   Source File: Site.java    License: Apache License 2.0 4 votes vote down vote up
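/**
 * Builds the JavaScript cache of a site's column navigation.
 *
 * For every column a {@code siteColumn[i]} array with id, name, url, type and icon is
 * emitted. Nothing is written when the list yields no site id.
 *
 * @param siteColumnlist the columns of the site
 * @param site the site the cache file is generated for
 */
public void siteColumn(List<com.xnx3.wangmarket.admin.entity.SiteColumn> siteColumnlist, com.xnx3.wangmarket.admin.entity.Site site) {
	createCacheObject("siteColumn");
	int siteid = 0;
	StringBuilder content = new StringBuilder();
	for (int i = 0; i < siteColumnlist.size(); i++) {
		SiteColumn column = siteColumnlist.get(i);
		if(siteid == 0){
			siteid = column.getSiteid();
		}

		// The URL depends on the column type. Columns of type TYPE_HREF (and any type not
		// listed) keep the URL they already carry; the original had a second, unreachable
		// TYPE_HREF branch that would have set "#".
		if(column.getType() == SiteColumn.TYPE_NEWS){
			column.setUrl("/newsList.do?cid="+column.getId());
		}else if (column.getType() == SiteColumn.TYPE_IMAGENEWS) {
			column.setUrl("/imageNewsList.do?cid="+column.getId());
		}else if (column.getType() == SiteColumn.TYPE_PAGE) {
			column.setUrl(AttachmentFile.netUrl()+"site/"+site.getId()+"/html/"+column.getId()+".html");
		}else if (column.getType() == SiteColumn.TYPE_LEAVEWORD) {
			column.setUrl("/leaveword.do?siteid="+siteid);
		}

		if(column.getIcon() == null || column.getIcon().length() == 0){
			column.setIcon(AttachmentFile.netUrl()+G.DEFAULT_SITE_COLUMN_ICON_URL);
		}
		String icon = column.getIcon().indexOf("://")==-1? AttachmentFile.netUrl()+"site/"+site.getId()+"/column_icon/"+column.getIcon():column.getIcon();

		// name, url and icon are user-editable text placed inside single-quoted JavaScript
		// string literals, so they are escaped for that context.
		content.append(" siteColumn[").append(i).append("] = new Array();")
				.append(" siteColumn[").append(i).append("]['id'] = '").append(column.getId()).append("'; ")
				.append(" siteColumn[").append(i).append("]['name'] = '").append(escapeJsSingleQuoted(StringUtil.Utf8ToString(column.getName()))).append("'; ")
				.append(" siteColumn[").append(i).append("]['url'] = '").append(escapeJsSingleQuoted(column.getUrl())).append("'; ")
				.append(" siteColumn[").append(i).append("]['type'] = '").append(column.getType()).append("'; ")
				.append(" siteColumn[").append(i).append("]['icon'] = '").append(escapeJsSingleQuoted(icon)).append("'; ");
	}

	if(siteid > 0){
		appendContent(content.toString());
		generateCacheFile(site);
	}
}

/** Escapes a value so it can be embedded in a single-quoted JavaScript string literal. */
private static String escapeJsSingleQuoted(String value){
	if(value == null){
		return "null";	// same text plain string concatenation would have produced
	}
	StringBuilder out = new StringBuilder(value.length() + 16);
	for (int i = 0; i < value.length(); i++) {
		char c = value.charAt(i);
		switch (c) {
			case '\\': out.append("\\\\"); break;
			case '\'': out.append("\\'"); break;
			case '"': out.append("\\\""); break;
			case '\n': out.append("\\n"); break;
			case '\r': out.append("\\r"); break;
			case '<': out.append("\\x3C"); break;	// keeps "</script>" from ending an inline script
			case '\u2028': out.append("\\u2028"); break;
			case '\u2029': out.append("\\u2029"); break;
			default: out.append(c);
		}
	}
	return out.toString();
}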
 
Example 26
Source Project: wangmarket   Source File: IndexAboutUs.java    License: Apache License 2.0 4 votes vote down vote up
/**
	 * Refreshes the "About us" block of the PC home page.
	 *
	 * <p>If the generated home page contains no block bound to this column, the page is returned
	 * unchanged. Otherwise the block is rebuilt from the home-page template, filled with the
	 * column and news data plus a tag-stripped, length-limited excerpt of {@code text}, and
	 * spliced back into the page.
	 *
	 * <p>NOTE(review): the excerpt is written into the page after {@code StringUtil.filterHtmlTag};
	 * whether that helper also neutralises stray {@code <}, {@code &} or quote characters is not
	 * visible here - confirm before relying on it as output encoding.
	 *
	 * @param site site whose home page is refreshed
	 * @param siteColumn column the "About us" block is bound to
	 * @param news the "About us" news record
	 * @param text body text of the "About us" entry
	 * @param sourceIndexHtml HTML of the home page as currently generated
	 * @return {@link IndexVO} whose text is always set: the untouched page with result
	 * 			{@code FAILURE} when nothing was replaced, otherwise the updated page (no result
	 * 			code is set on that path; the original comment describes it as SUCCESS)
	 */
	public static IndexVO refreshIndexData(Site site, SiteColumn siteColumn, News news, String text, String sourceIndexHtml){
		IndexVO result = new IndexVO();
		String columnId = siteColumn.getId()+"";

		// No block for this column on the home page: hand the page back untouched
		boolean homePageHasBlock = Template.isAnnoCenterStringById_Have(sourceIndexHtml, Tag, columnId);
		if(!homePageHasBlock){
			result.setText(sourceIndexHtml);
			result.setBaseVO(IndexVO.FAILURE, "没有更改");
			return result;
		}

		// Only the home-page template of the template set the site uses
		String homeTemplate = new Template(site, true).getIndexTemplateHtml_Only();
		String block = Template.getAnnoCenterString(homeTemplate, Tag);
		// Maximum number of characters of body text to show
		int maxChars = Template.getConfigValue(block, "sizeNumber", 100);
		// The block comes straight from the template, so bind it to the current column
		block = Template.setConfigValue(block, "id", columnId);

		GenerateHTML generator = new GenerateHTML(site);
		block = generator.replaceSiteColumnTag(block, siteColumn);
		block = generator.replaceNewsListItem(block, news);

		// Excerpt: strip tags first, then cut to the configured length
		String excerpt = StringUtil.filterHtmlTag(text);
		excerpt = excerpt.length() > maxChars ? excerpt.substring(0, maxChars) : excerpt;
		block = Template.replaceHtmlAnnoTag(block, "AboutUs_Text", excerpt);

		// Put the rebuilt block into the already generated page
		result.setText(Template.replaceHtmlAnnoTag(sourceIndexHtml, Tag, block));
		return result;
	}
 
Example 27
Source Project: wangmarket   Source File: WebSocketServer.java    License: Apache License 2.0 4 votes vote down vote up
/**
	 * Called when a message arrives from the client: builds a {@code Message} from the JSON
	 * payload, logs it, and delivers it to the recipient's socket or, if the recipient is
	 * offline, applies the offline reply rules.
	 *
	 * <p>NOTE(review): the sender's id, user name and avatar are read from the client payload
	 * ({@code mine}); only {@code socketId}/{@code socketUuid} come from this connection. Nothing
	 * visible here checks that the claimed sender id belongs to the connection - confirm that
	 * downstream code does not treat {@code sendId} as authenticated.
	 *
	 * <p>NOTE(review): the recipient id is also client-supplied, and every offline id below
	 * {@code Integer.MAX_VALUE} causes a database lookup whose result is stored in
	 * {@code Global.imMap}; no eviction is visible in this method.
	 *
	 * @param message message sent by the client (JSON text)
	 * @param session optional parameter, not used here
	 * @throws IOException declared by the method; presumably raised while sending - confirm
	 */
	@OnMessage
	public void onMessage(String message, Session session) throws IOException {
		JSONObject payload = JSONObject.fromObject(message);
		Message msg = new Message();

		// Sender part of the payload; text fields go through the XSS filter
		JSONObject mine = payload.getJSONObject("mine");
		msg.setContent(StringUtil.filterXss(mine.getString("content")));
		msg.setSendAvatar(StringUtil.filterXss(mine.getString("avatar")));
		msg.setSendId(mine.getLong("id"));
		msg.setSendUserName(StringUtil.filterXss(mine.getString("username")));

		msg.setSocketId(this.id);
		msg.setSocketUuid(this.uuid);

		// Recipient part: every field is optional
		JSONObject to = payload.getJSONObject("to");
		if(to != null){
			if(to.get("avatar") != null){
				msg.setReceiveAvatar(StringUtil.filterXss(to.getString("avatar")));
			}
			if(to.get("id") != null){
				msg.setReceiveId(to.getLong("id"));
			}
			if(to.get("type") != null){
				msg.setReceiveType(StringUtil.filterXss(to.getString("type")));
			}
			if(to.get("username") != null){
				msg.setReceiveUserName(StringUtil.filterXss(to.getString("username")));
			}
			// "name" is applied after "username", so it wins when both are present
			if(to.get("name") != null){
				msg.setReceiveUserName(StringUtil.filterXss(to.getString("name")));
			}
		}

		// Record the message
		KefuLog.insert(msg);

		// Recipient is connected: deliver directly
		WebSocketServer target = Global.socketMap.get(msg.getReceiveId());
		if(target != null){
			target.sendMessageContent(msg.getContent(), msg);
			return;
		}

		// Recipient is offline. Ids below Integer.MAX_VALUE are registered users; anything else
		// is treated as a visitor and gets the default text.
		if(msg.getReceiveId() >= Integer.MAX_VALUE){
			sendReply("抱歉,对方已下线!", msg);
			return;
		}

		// Registered user: take the recipient's Im settings from the cache, else from the database
		Im im = Global.imMap.get(msg.getReceiveId());
		if(im == null){
			List<Im> stored = Sql.getSqlService().findByProperty(Im.class, "userid", msg.getReceiveId());
			if(stored.isEmpty()){
				// The user never configured an auto-reply policy
				im = new Im();
				im.setHaveImSet(false);
			}else{
				im = stored.get(0);
			}
			Global.imMap.put(msg.getReceiveId(), im);
		}

		// Without a configured policy a registered user gets no reply at all
		if(!im.isHaveImSet()){
			return;
		}
		sendReply(im.getAutoReply(), msg);
		// Optional e-mail reminder
		if(im.isUseOffLineEmail()){
			sendMail(msg, im.getEmail());
		}
	}
 
Example 28
Source Project: wangmarket   Source File: UserServiceImpl.java    License: Apache License 2.0 4 votes vote down vote up
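/**
 * Registers a new user: filters and validates the submitted fields, checks that user name,
 * e-mail and phone are not taken, fills in defaults for unset fields, stores the salted
 * password hash and assigns the role.
 *
 * <p>NOTE(review): authority, currency, referrerid and isfreeze are only defaulted when they
 * are {@code null}; a value already present on {@code user} is kept. If callers bind
 * {@code user} directly from request parameters, a client could choose its own role - confirm
 * that callers build the object themselves.
 *
 * @param user the user to create; it is modified in place (filtered fields, defaults, hash, id)
 * @param request current request, used for the registration and last-login IP when unset
 * @return success with the new user id as info, or failure with a message
 */
public BaseVO createUser(User user, HttpServletRequest request) {
	// Filter user name and password against XSS / SQL injection.
	// NOTE(review): this rewrites the password before it is hashed, so characters the filter
	// alters never reach the hash. It is kept because the login path presumably filters the
	// same way - confirm before removing.
	user.setUsername(Safety.filter(user.getUsername()));
	user.setPassword(Safety.filter(user.getPassword()));
	
	// A new account needs both a user name and a password
	if(user.getUsername()==null||user.getUsername().equals("")){
		return BaseVO.failure("用户名不能为空!");
	}
	if(user.getPassword()==null||user.getPassword().equals("")){
		return BaseVO.failure("密码不能为空!");
	}
	// User name length limit
	if(user.getUsername().length() > 20){
		return BaseVO.failure(Language.show("user_userNameToLong"));
	}
	
	// Uniqueness checks. E-mail and phone are only checked when they are set.
	if(user.getEmail() != null && user.getEmail().length() > 0){
		if(sqlDAO.findByProperty(User.class, "email", user.getEmail()).size() > 0){
			return BaseVO.failure(Language.show("user_regFailureForEmailAlreadyExist"));
		}
	}
	if(sqlDAO.findByProperty(User.class, "username", user.getUsername()).size() > 0){
		return BaseVO.failure(Language.show("user_regFailureForUsernameAlreadyExist"));
	}
	if(user.getPhone() != null && user.getPhone().length() > 0){
		// Fix: look up the phone number; the original passed the user name here, so an
		// already registered phone number was never detected.
		if(findByPhone(user.getPhone()) != null){
			return BaseVO.failure(Language.show("user_regFailureForPhoneAlreadyExist"));
		}
	}
	
	if(user.getRegip() == null){
		user.setRegip(IpUtil.getIpAddress(request));
	}
	if(user.getLastip() == null){
		user.setLastip(IpUtil.getIpAddress(request));
	}
	if(user.getRegtime() == null){
		user.setRegtime(DateUtil.timeForUnix10());
	}
	if(user.getLasttime() == null){
		user.setLasttime(DateUtil.timeForUnix10());
	}
	if(user.getNickname() == null){
		user.setNickname(user.getUsername());
	}else{
		user.setNickname(StringUtil.filterXss(Sql.filter(user.getNickname())));
	}
	if(user.getAuthority() == null){
		user.setAuthority(Global.get("USER_REG_ROLE"));
	}
	if(user.getCurrency() == null){
		user.setCurrency(0);
	}
	if(user.getReferrerid() == null){
		// Id of the currently logged-in user
		user.setReferrerid(ShiroFunc.getUserId());
	}
	if(user.getIsfreeze() == null){
		user.setIsfreeze(User.ISFREEZE_NORMAL);
	}
	if(user.getHead() == null){
		user.setHead("default.png");
	}else{
		user.setHead(Safety.filter(user.getHead()));
	}
	// The caller must not choose the primary key
	if(user.getId() != null){
		user.setId(null);
	}
	
	// Hash the password and save.
	// NOTE(review): the salt is four decimal digits (10,000 possible values) and the hash helper
	// is MD5-based by its name, which gives little protection against offline guessing. Moving to
	// bcrypt/scrypt/argon2 also requires changing the verification path, so it is not done here.
	Random random = new Random();
	user.setSalt(random.nextInt(10)+""+random.nextInt(10)+""+random.nextInt(10)+""+random.nextInt(10)+"");
	String md5Password = generateMd5Password(user.getPassword(), user.getSalt());
	user.setPassword(md5Password);
	sqlDAO.save(user);
	
	// Null-safe: if no id was assigned, report failure instead of failing on unboxing
	if(user.getId() != null && user.getId() > 0){
		// Registered: give the user the configured default role (or the requested authority)
		UserRole userRole = new UserRole();
		userRole.setRoleid(Lang.stringToInt(user.getAuthority(), Global.getInt("USER_REG_ROLE")));
		userRole.setUserid(user.getId());
		sqlDAO.save(userRole);
		
		BaseVO vo = new BaseVO();
		vo.setBaseVO(BaseVO.SUCCESS, user.getId()+"");
		return vo;
	}else{
		return BaseVO.failure(Language.show("user_regFailure"));
	}
}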
 
Example 29
Source Project: wangmarket   Source File: ApiServiceImpl.java    License: Apache License 2.0 4 votes vote down vote up
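/**
 * Verifies an API key of the form {@code <userid>_<128-character token>} and returns the user
 * it belongs to.
 *
 * <p>NOTE(review): the failure messages carry distinct numbers; "5" (no such user) and "6"
 * (token mismatch) let a caller tell existing user ids from unknown ones, although the original
 * comment asks for a uniform message. The strings are left as they are because callers may
 * display them - consider unifying them.
 *
 * @param key the key supplied by the caller
 * @return a {@link UserVO} with result {@code FAILURE} and a message when the key is rejected;
 * 		otherwise a {@link UserVO} carrying the user (no result code is set on that path)
 */
public UserVO identityVerify(String key) {
	UserVO vo = new UserVO();
	/*
	 * Check the key format
	 */
	if(key == null || key.length() < 128 || !key.contains("_")){
		vo.setBaseVO(UserVO.FAILURE, "key错误1");
		return vo;
	}
	
	String[] ks = key.split("_");
	// split() drops trailing empty strings, so a key that ends in "_" or consists only of "_"
	// yields fewer than two parts; the original indexed ks[1] without checking and threw
	// ArrayIndexOutOfBoundsException on such input.
	if(ks.length < 2 || ks[0].length() == 0 || ks[1].length() == 0){
		vo.setBaseVO(UserVO.FAILURE, "key错误2");
		return vo;
	}
	
	int userid = Lang.stringToInt(ks[0], 0);
	if(userid == 0){
		vo.setBaseVO(UserVO.FAILURE, "key错误3");
		return vo;
	}
	String pwd = StringUtil.removeBlank(ks[1]);
	if(pwd.length() != 128){
		vo.setBaseVO(UserVO.FAILURE, "key错误4");
		return vo;
	}
	
	/*
	 * Check that the key exists: load the agent's user record
	 */
	User user = sqlDAO.findById(User.class, userid);
	if(user == null){
		vo.setBaseVO(UserVO.FAILURE, "key错误5");
		return vo;	
	}
	// Compare in constant time so the response time does not reveal how many leading
	// characters of the expected token matched.
	String expected = passwordMD5(user.getPassword());
	boolean tokenMatches = java.security.MessageDigest.isEqual(
			expected.getBytes(java.nio.charset.StandardCharsets.UTF_8),
			pwd.getBytes(java.nio.charset.StandardCharsets.UTF_8));
	if(!tokenMatches){
		vo.setBaseVO(UserVO.FAILURE, "key错误6");
		return vo;
	}
	
	vo.setUser(user);
	return vo;
}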
 
Example 30
Source Project: wangmarket   Source File: BaseController.java    License: Apache License 2.0 2 votes vote down vote up
/**
 * Passes the text through the project's SQL-injection filter and then through its XSS filter.
 *
 * <p>NOTE(review): string filtering of this kind is a backstop only. Queries built from the
 * result still need bound parameters, and output still needs encoding for the context it is
 * written into; what the two helpers actually strip is not visible here.
 *
 * @param text raw text to filter
 * @return the filtered text
 */
public String filter(String text){
	String sqlFiltered = Sql.filter(text);
	return StringUtil.filterXss(sqlFiltered);
}