| Frames | No Frames |
1: /* =========================================================== 2: * JFreeChart : a free chart library for the Java(tm) platform 3: * =========================================================== 4: * 5: * (C) Copyright 2000-2007, by Object Refinery Limited and Contributors. 6: * 7: * Project Info: http://www.jfree.org/jfreechart/index.html 8: * 9: * This library is free software; you can redistribute it and/or modify it 10: * under the terms of the GNU Lesser General Public License as published by 11: * the Free Software Foundation; either version 2.1 of the License, or 12: * (at your option) any later version. 13: * 14: * This library is distributed in the hope that it will be useful, but 15: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 16: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public 17: * License for more details. 18: * 19: * You should have received a copy of the GNU Lesser General Public 20: * License along with this library; if not, write to the Free Software 21: * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, 22: * USA. 23: * 24: * [Java is a trademark or registered trademark of Sun Microsystems, Inc. 25: * in the United States and other countries.] 26: * 27: * ----------------- 28: * DisplayChart.java 29: * ----------------- 30: * (C) Copyright 2002-2007, by Richard Atkinson and Contributors. 31: * 32: * Original Author: Richard Atkinson; 33: * Contributor(s): David Gilbert (for Object Refinery Limited); 34: * 35: * $Id: DisplayChart.java,v 1.2.2.3 2007/02/02 15:03:19 mungady Exp $ 36: * 37: * Changes 38: * ------- 39: * 19-Aug-2002 : Version 1; 40: * 09-Mar-2005 : Added facility to serve up "one time" charts - see 41: * ServletUtilities.java (DG); 42: * ------------- JFREECHART 1.0.x --------------------------------------------- 43: * 02-Feb-2007 : Removed author tags all over JFreeChart sources (DG); 44: * 45: */ 46: 47: package org.jfree.chart.servlet; 48: 49: import java.io.File; 50: import java.io.IOException; 51: 52: import javax.servlet.ServletException; 53: import javax.servlet.http.HttpServlet; 54: import javax.servlet.http.HttpServletRequest; 55: import javax.servlet.http.HttpServletResponse; 56: import javax.servlet.http.HttpSession; 57: 58: /** 59: * Servlet used for streaming charts to the client browser from the temporary 60: * directory. You need to add this servlet and mapping to your deployment 61: * descriptor (web.xml) in order to get it to work. The syntax is as follows: 62: * <xmp> 63: * <servlet> 64: * <servlet-name>DisplayChart</servlet-name> 65: * <servlet-class>org.jfree.chart.servlet.DisplayChart</servlet-class> 66: * </servlet> 67: * <servlet-mapping> 68: * <servlet-name>DisplayChart</servlet-name> 69: * <url-pattern>/servlet/DisplayChart</url-pattern> 70: * </servlet-mapping> 71: * </xmp> 72: */ 73: public class DisplayChart extends HttpServlet { 74: 75: /** 76: * Default constructor. 77: */ 78: public DisplayChart() { 79: super(); 80: } 81: 82: /** 83: * Init method. 84: * 85: * @throws ServletException never. 86: */ 87: public void init() throws ServletException { 88: return; 89: } 90: 91: /** 92: * Service method. 93: * 94: * @param request the request. 95: * @param response the response. 96: * 97: * @throws ServletException ??. 98: * @throws IOException ??. 99: */ 100: public void service(HttpServletRequest request, 101: HttpServletResponse response) 102: throws ServletException, IOException { 103: 104: HttpSession session = request.getSession(); 105: String filename = request.getParameter("filename"); 106: 107: if (filename == null) { 108: throw new ServletException("Parameter 'filename' must be supplied"); 109: } 110: 111: // Replace ".." with "" 112: // This is to prevent access to the rest of the file system 113: filename = ServletUtilities.searchReplace(filename, "..", ""); 114: 115: // Check the file exists 116: File file = new File(System.getProperty("java.io.tmpdir"), filename); 117: if (!file.exists()) { 118: throw new ServletException("File '" + file.getAbsolutePath() 119: + "' does not exist"); 120: } 121: 122: // Check that the graph being served was created by the current user 123: // or that it begins with "public" 124: boolean isChartInUserList = false; 125: ChartDeleter chartDeleter = (ChartDeleter) session.getAttribute( 126: "JFreeChart_Deleter"); 127: if (chartDeleter != null) { 128: isChartInUserList = chartDeleter.isChartAvailable(filename); 129: } 130: 131: boolean isChartPublic = false; 132: if (filename.length() >= 6) { 133: if (filename.substring(0, 6).equals("public")) { 134: isChartPublic = true; 135: } 136: } 137: 138: boolean isOneTimeChart = false; 139: if (filename.startsWith(ServletUtilities.getTempOneTimeFilePrefix())) { 140: isOneTimeChart = true; 141: } 142: 143: if (isChartInUserList || isChartPublic || isOneTimeChart) { 144: // Serve it up 145: ServletUtilities.sendTempFile(file, response); 146: if (isOneTimeChart) { 147: file.delete(); 148: } 149: } 150: else { 151: throw new ServletException("Chart image not found"); 152: } 153: return; 154: } 155: 156: }