Web开发小结 - 1
Jetty配置
在插件位置配置jetty, 在配置的时候也可以不指定插件的版本, 默认使用
<
plugin
>
< groupId >org.mortbay.jetty groupId >
< artifactId >maven-jetty-plugin artifactId >
< version >6.1.9 version >
plugin >
< groupId >org.mortbay.jetty groupId >
< artifactId >maven-jetty-plugin artifactId >
< version >6.1.9 version >
plugin >
jetty->请求的操作无法在使用用户映射区域打开的文件上执行
jetty\etc\webdefault.xml中
-
useFileMappedBuffer
-
true
-
原贴http://docs.codehaus.org/display/JETTY/Files+locked+on+Windows
或者在web.xml中插入如下信息:
- <servlet>
- <servlet-name>defaultservlet-name>
- <servlet-class>org.mortbay.jetty.servlet.DefaultServletservlet-class>
- <init-param>
- <param-name>useFileMappedBufferparam-name>
- <param-value>falseparam-value>
- init-param>
- <load-on-startup>0load-on-startup>
- servlet>
jetty->请求的操作无法在使用用户映射区域打开的文件上执行
-
useFileMappedBuffer -
true
原贴http://docs.codehaus.org/display/JETTY/Files+locked+on+Windows
或者在web.xml中插入如下信息:
- <servlet>
- <servlet-name>defaultservlet-name>
- <servlet-class>org.mortbay.jetty.servlet.DefaultServletservlet-class>
- <init-param>
- <param-name>useFileMappedBufferparam-name>
- <param-value>falseparam-value>
- init-param>
- <load-on-startup>0load-on-startup>
- servlet>
1、Filter设置统一字符集
【注意】filter只对post请求起作用,对get请求不起作用
1.Filter设置统一字符集类:CharsetEncodingFilter.java
- import java.io.IOException;
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
- /**
- * 统一设置字符集
- *
- */
- public class CharsetEncodingFilter implements Filter {
-
- private String encoding;
-
- public void destroy() {
- }
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
- FilterChain filterChain) throws IOException, ServletException {
-
- //设置字符集
- servletRequest.setCharacterEncoding(encoding);
- filterChain.doFilter(servletRequest, servletResponse);
- }
- public void init(FilterConfig filterConfig) throws ServletException {
- //取得初始化参数
- this.encoding = filterConfig.getInitParameter("encoding");
- }
- }
2.在web.xml增加以下内容
- <filter>
- <filter-name>CharsetEncodingFilterfilter-name>
- <filter-class>com.lx.filter.CharsetEncodingFilterfilter-class>
- <init-param>
- <param-name>encodingparam-name>
- <param-value>GB18030param-value>
- init-param>
- filter>
-
- <filter-mapping>
- <filter-name>CharsetEncodingFilterfilter-name>
- <url-pattern>*.jspurl-pattern>
- filter-mapping>
2、JSP中路径查找的解决方案
- <%
- String path = request.getContextPath();
- String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
- %>
在JSP的正文部分开头加上如下代码则之下的代码直接从根(WebRoot)开始查找
- <base href="<%=basePath %>">
3、文件上传
(1)提交方式必须为post,且指定enctype="multipart/form-data"
- <body class="body1">
- <form name="itemForm" target="_self" id="itemForm" action="servlet/basedata/ItemUploadServlet" enctype="multipart/form-data" method="post">
- <input type="hidden" name="itemNo" value="<%=item.getItemNo() %>">
- <div align="center">
- <tr>
- <td height="74">
- <div align="right">
- 图片:
- div>
- td>
- <td>
- <img src="upload/<%=item.getItemNo() %>.gif" width="85" height="49">
- td>
- tr>
- <tr>
- <td width="22%" height="29">
- <div align="right">
- <font color="#FF0000">*font>选择图片:
- div>
- td>
- <td width="78%">
- <input name="fileName" type="file" class="text1" size="40" maxlength="40">
- td>
- tr>
- table>
- <hr width="97%" align="center" size=0>
- <div align="center">
- <input name="btn_upload" class="button1" type="submit"
- id="btn_upload" value="上传">
-
- <input name="btnBack" class="button1" type="button" id="btnBack"
- value="返回" onClick="location='<%=basePath %>servlet/basedata/SearchItemServlet'">
- div>
- div>
- form>
- body>
ItemUploadServlet.java用于处理文件的上传
- public class ItemUploadServlet extends HttpServlet {
-
- //private String uploadPath = "D:\\apache-tomcat-5.5.26\\webapps\\drp4.5\\upload\\"; // 用于存放上传文件的目录
-
- // 用于存放临时文件的目录
- private File tempPath = null;
-
- private File uploadPath = null;
-
- @Override
- public void init() throws ServletException {
- //取得临时交换目录
- tempPath = new File(this.getServletContext().getRealPath("temp"));
- //如果目录不存在,创建一个
- if (!tempPath.exists()) {
- tempPath.mkdir();
- }
- //取得上传路径
- uploadPath = new File(this.getServletContext().getRealPath("upload"));
- //如果目录不存在,创建一个
- if (!uploadPath.exists()) {
- uploadPath.mkdir();
- }
- }
-
- @SuppressWarnings({ "unused", "unchecked" })
- public void doPost(HttpServletRequest req, HttpServletResponse res)
- throws ServletException, IOException {
- //采用request不能取得普通表单数据
- //String itemNo = req.getParameter("itemNo");
- DiskFileItemFactory factory = new DiskFileItemFactory();
- // maximum size that will be stored in memory
- factory.setSizeThreshold(4096);
- // the location for saving data that is larger than getSizeThreshold()
- factory.setRepository(tempPath);
-
- ServletFileUpload upload = new ServletFileUpload(factory);
- // maximum size before a FileUploadException will be thrown
- upload.setSizeMax(1000000);
- try {
- List fileItems = upload.parseRequest(req);
- Iterator iter = fileItems.iterator();
- String itemNo = "";
- while (iter.hasNext()) {
- FileItem item = (FileItem) iter.next();
- if (item.isFormField()) {
- if ("itemNo".equals(item.getFieldName())) {
- itemNo = item.getString();
- }
- //if ("itemName".equals(item.getFieldName())) {
- //
- //}
- }
- // 忽略其他不是文件域的所有表单信息
- if (!item.isFormField()) {
- String fileName = item.getName();
- fileName = fileName.substring(fileName.lastIndexOf("\\"), fileName.length());
- String fullFilePath = uploadPath + "\\" + itemNo + ".gif";
- item.write(new File(fullFilePath));
- res.sendRedirect(req.getContextPath() + "/servlet/basedata/SearchItemServlet");
- }
- }
- } catch (Exception e) {
- throw new AppException("文件上传失败!");
- }
- }
- }
4、获取本机的IP地址和计算机名, 可放在提交表单的隐含域中进行提交到服务器中
在jsp中使用时加入:<%@ page import="java.net.InetAddress" %>
- InetAddress addr = InetAddress.getLocalHost();
- String ip=addr.getHostAddress().toString();//获得本机IP
- String address=addr.getHostName().toString();//获得本机名称
5、使用index.html定位login.jsp页面,则可直接输入工程名即可访问登陆页面
index.html:location完成跳转
- <script>
- location="login.jsp";
- script>
使用html页面转换为jsp页面时需要去掉html的相关信息,而在头部添加信息:
jsp头部如下:
- <%@ page language="java" contentType="text/html; charset=GB18030"
- pageEncoding="GB18030"%>
html头部如下:
- >
6、JSP中的指令
JSP指令的用途非常简单,它只是告诉JSP引擎对JSP页面如何编译。因此它不包含业务逻辑,也不修改out流。这些指令始终被括在 “<%@ ?%>”标记中。两个最重要的指令是“pagePage”和“Include”。
(1)引入java代码指令:
- <%@ page import="com.util.*" %>
(2)page指令
基本语法
page 指令是以<%@ page 起始,以%>结束:
<%@ page attribute1=“value1” attribute2= “value2” attribute3=…%>
3、Include指令
<%@ include file="url"%>
file的属性值被解释为相对于当前jsp文件的URL.
7、是否显示目录下面所有文件: Tomcat中web..xml设置 - listings
修改配置文件: %Catalina%/conf/web.xml
找到:
default: true // display the Directory Listing for
false // disable
8、多浏览器测试工具IETester
download: http://www.my-debugbar.com/wiki/IETester/HomePage
9、SQL注入问题 - 由于SQL拼串所造成的
由于”or '1'='1'“导致了通过验证,具体方式如下:
- * 登录,演示SQL注入
- 用户:aaaaa
- 密码:' or '1'='1
- 形成的sql语句如下:select * from t_user where user_id='aaaaa' and password='' or '1'='1'
10、404或500错误处理
在web.xml中配置
- <error-page>
- <exception-type>com.company.util.AppExceptionexception-type>
- <location>/error.jsplocation>
- error-page>
-
- <error-page>
- <error-code>404error-code>
- <location>/http_error.jsplocation>
- error-page>
-
- <error-page>
- <error-code>500error-code>
- <location>/http_error.jsplocation>
- error-page>
在http_error.jsp中取得错误代码进行跳转
- <body>
- <%
- Integer errorCode = (Integer)request.getAttribute("javax.servlet.error.status_code");
- //System.out.println("http_error=" + errorCode);
- if (errorCode == 404) {
- response.sendRedirect(request.getContextPath() + "/404.html");
- }else if (errorCode == 500) {
- response.sendRedirect(request.getContextPath() + "/500.html");
- }
- %>
- body>
404.html
- <html>
- <head>
- <meta http-equiv="content-type" content="text/html;charset=gb2312" />
- head>
- <body>
- 未找到请求的页面
- body>
- html>
500.html
- <html>
- <head>
- <meta http-equiv="content-type" content="text/html;charset=gb2312" />
- head>
- <body>
- 系统出现错误,请与系统管理员联系!
- body>
- html>
11、文本框中的Disabled和ReadOnly的区别
设置为Diabled无法通过request.getParameter("userId")取得内容,而readonly是可以的
- <table width="95%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td width="22%" height="29">
- <div align="right">
- 用户代码:
- div>
- td>
- <td width="78%">
- <input name="userId" type="text" class="text1" id="userId"
- size="10" maxlength="10" readonly="true" value="<%=user.getUserId() %>">
- td>
- tr>
- table>
12、Fileter处理对字符集进行统一的处理
在web.xml中进行配置filter, 它体现了一种‘责任链’模式
- <filter>
- <filter-name>CharsetEncodingFilterfilter-name>
- <filter-class>com.company.util.filter.CharsetEncodingFilterfilter-class>
- <init-param>
- <param-name>encodingparam-name>
- <param-value>GB18030param-value>
- init-param>
- filter>
-
- <filter-mapping>
- <filter-name>CharsetEncodingFilterfilter-name>
- <url-pattern>*.jspurl-pattern>
- filter-mapping>
- import java.io.IOException;
-
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
-
- /**
- * 统一设置字符集
- * @author Administrator
- *
- */
- public class CharsetEncodingFilter implements Filter {
-
- private String encoding;
-
- public void destroy() {
- }
-
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
- FilterChain filterChain) throws IOException, ServletException {
-
- //设置字符集
- servletRequest.setCharacterEncoding(encoding);
- System.out.println("CharsetEncodingFilter.doFilter--begin");
- filterChain.doFilter(servletRequest, servletResponse);
- System.out.println("CharsetEncodingFilter.doFilter--end");
- }
-
- public void init(FilterConfig filterConfig) throws ServletException {
- //取得初始化参数
- this.encoding = filterConfig.getInitParameter("encoding");
- System.out.println("CharsetEncodingFilter.init() encoding=" + this.encoding);
- }
- }
也可以在实现fileter的类进行处理, 之前之后处理完成想要完成的事情, 比如直接设置字符集处理等
- import java.io.IOException;
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
-
- /**
- * 统一设置字符集
- * @author Administrator
- *
- */
- public class CharsetEncodingFilter implements Filter {
-
- public void destroy() {
- }
-
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
- FilterChain filterChain) throws IOException, ServletException {
-
- //设置字符集
- servletRequest.setCharacterEncoding("GB18030");
- filterChain.doFilter(servletRequest, servletResponse);
- }
-
- public void init(FilterConfig filterConfig) throws ServletException {
- }
- }
13、HTTPLOOK查看http访问过程
download:http://www.skycn.com/soft/10782.html
14、配置安全的访问页面, 访问WEB-INF下面的页面
WEB-INF下面的内容对外面来讲是不能访问的,如果需要访问,可以通过配置web.xml来解决。
- <servlet>
- <servlet-name>demoservlet-name>
- <jsp-file>/WEB-INF/hello.jsp</jsp-file>
- - <init-param>
- <param-name>driverparam-name>
- <param-value>oracle.jdbc.driver.OracleDriverparam-value>
- init-param>
- - <init-param>
- <param-name>urlparam-name>
- <param-value>jdbc:oracle:thin:@localhost:1521:sidparam-value>
- init-param>
- servlet>
- - <servlet-mapping>
- <servlet-name>demoservlet-name>
- <url-pattern>/hello.welcomeurl-pattern>
- servlet-mapping>
通过config取得初始化参数:
- <html>
- <head>
- <title>HELLO JSP WORLD!!!title>
- head>
- <body>
- <h1><%=config.getInitParameter("driver")%>h1>
- <h1><%=config.getInitParameter("url")%>h1>
- body>
- html>
15、配置tomcat的虚拟目录
xmlValidation="false" xmlNamespaceAware="false">
Tomcat的conf\server.xml文件中上面配置 context的reloadable属性的时候,设置了path和docBase,
如果说path是Tomcat的wabapps目录下的项目名称,那么docBase是设置的那个路径呢?
答疑:
path对应的是我们每次在访问一个网站的时候在浏览器上输入的虚拟目录路径,而服务器上的具体的对应的目录就是docBase。实际上二者是一个映射过程。
则可通过http://localhost:8080/helloworld/index.jsp来访问目录
d:\demoes\webdemo\WebRoot下面的index.jsp页面。