jskim
/
moumiGitKohom
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
71 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 84421146b6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '84421146b6'
${ noResults }
moumiGitKohom/webapps/totsys/sysadm/org/file_view.jsp

143 lines
6.8 KiB
Raw Blame History

<%@ page contentType="text/html; charset=euc-kr"
import="kr.co.kihyun.beans.user.HttpSSOLogin"
import="kr.co.kihyun.text.html.ServletUtil"
import="java.net.URLEncoder" import="kr.co.kihyun.moumi.Moumi"
import="kr.co.kihyun.lang.Encoder" import="kr.co.kihyun.lang.MString"
import="java.io.File" import="java.io.FileReader"
import="java.io.BufferedReader"%>
<%@ include file="/totsys/common/inc/sec/secure.inc.jsp"%>
<%
try{
/*********** User HttpSSOLogin check ***********/
if(!HttpSSOLogin.isLogin(request)){
//login 성공후 되돌아올 주소
String connURL="opener.location='/totsys/login/login.jsp';";
out.println(ServletUtil.getJavaScript(connURL));
out.println(ServletUtil.getJavaScript("window.close();"));
return;
}
/********** session내의 userId **********/
String usID = HttpSSOLogin.getLoginID(request);
/****** Parameter ******/
String mode = "";
mode = clearXSS(request.getParameter("mode"),"");
String fileName = MString.checkNull(request.getParameter("fileName"));
String dirPath = URLEncoder.encode("<a href=\"/totsys/sysadm/qaboard/board_list.jsp\" class=\"d11_blue\">"+Moumi.getMessageBundle().getString("moumi.message.tot_doc.notice")+"</a>", "UTF-8");
File file = null;
//25.디렉토리 경로 조작(BufferedReader)_CWE-22/23 : Add by KWON,HAN
//29.디렉토리 경로 조작(getParameter)_CWE-22/23 : Add by KWON,HAN
// 특수문자열 포함여부 체크
if(fileName.contains("..") || fileName. contains("/")) {
out.println("<script>alert('파일명에 특수문자(.. 또는 /)가 포함되어 있습니다.');</script>");
return;
}
//++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
if(MString.isNull(fileName)){
file = new File(Moumi.getRoot().getPath()+System.getProperty("file.separator")+"user.csv");
}else{
//v2.15.new File을 통한 임의 파일 다운로드 : Add by KWON,HAN
//비고 : 이전에 해결책에 따라 적용하였지만 다시 취약점을 판정되어 if문장 중에서 else문에 해결책을 적용함
if(fileName.contains("..") || fileName. contains("/")) {
out.println("<script>alert('파일명에 특수문자(.. 또는 /)가 포함되어 있습니다.');</script>");
return;
}
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
file = new File(Moumi.getCsvFileRoot().getPath()+System.getProperty("file.separator")+fileName);
}
if(!file.exists()) return;
FileReader fr = new FileReader(file); // 위에서 특수문자(../)등이 입력 값에 포함되어 있는지를 검사합니다.
BufferedReader br = new BufferedReader(fr);
String user = "";
boolean error = false;
%>
<%@page import="kr.co.kihyun.lang.MLong"%>
<%@page import="kr.co.kihyun.beans.user.Dept"%><HTML>
<HEAD>
<TITLE><%=Moumi.getTitle()%></TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=euc-kr">
<link rel="stylesheet" href="/totsys/common/css/text.css"
type="text/css">
<script src="/totsys/common/js/rollover.js"></script>
<link rel="stylesheet" href="/totsys/common/css/kecttep.css"
type="text/css">
</HEAD>
<body style='' BGCOLOR=#FFFFFF LEFTMARGIN=0 TOPMARGIN=0 MARGINWIDTH=0
MARGINHEIGHT=0>
<table width="100%" height="70" border="0" cellpadding="0"
cellspacing="0">
<!---- top menu 시작 ---->
<jsp:include page="/totsys/common/inc/sysadm/top/top.jsp" flush="true">
<jsp:param name="dirPath" value="<%= dirPath %>" />
</jsp:include>
<!---- top menu 끝 ---->
<table border="1px" class="kecttep_list_table" bordercolor="#e3e3e3"
width="100%" cellpadding="0" cellspacing="0">
<tr valign="middle" style="padding-top: 3px">
<td class="kecttep_tdmenu" align="center" nowrap><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.user")%> ID</td>
<td class="kecttep_tdmenu" align="center"><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.password")%></td>
<td class="kecttep_tdmenu" align="center" nowrap><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.user")%> <%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.userName")%></td>
<td class="kecttep_tdmenu" align="center" nowrap><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.reached")%></td>
<td class="kecttep_tdmenu" align="center" nowrap>E-Mail</td>
<td class="kecttep_tdmenu" align="center" nowrap><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.position")%></td>
<td class="kecttep_tdmenu" align="center" nowrap><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.rank")%></td>
<td class="kecttep_last_tdmenu" align="center" nowrap><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.devision")%>ID</td>
</tr>
<% for(user = br.readLine(); user != null; user = br.readLine()){
if(user.equals("") || user==null)
break;
String[] user_Cnvt = user.split(",");
%>
<tr style="padding-top: 3px" valign="middle"
onmouseover="this.style.backgroundColor='F9F9F9'"
onmouseout="this.style.backgroundColor='white'" bgColor=#ffffff>
<%for(int i=0; i < user_Cnvt.length; i++){%>
<td width="80" nowrap class="kecttep_graytd" align="center"
<%if(user_Cnvt.length != 8){
error = true;%> bgcolor="red"
<%}else if(user_Cnvt.length == 8 && new Dept().getName(user_Cnvt[7]).equals("")){
error = true;%>
bgcolor="red" <%}%>>&nbsp;&nbsp;<%= MString.checkNull(user_Cnvt[i].trim())%>
</td>
<%}%>
</tr>
<%}%>
<tr>
<td colspan="8" nowrap class="kecttep_graytd" align="center"><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.csv")%><a
href="/servlet/kr.co.kihyun.text.html.HttpViewer?saveAs=user.csv&fileName=user.csv&mode=csv"
target="new"><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.exFile")%></a> <font color="red"><strong><%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.exFileOpen")%></strong></font></td>
</tr>
</table>
<FORM name="insertPersonData"
action="/servlet/kr.co.kihyun.beans.totsys.sysadm.input.HttpUserRegister"
method="post"><INPUT type="hidden" name="fileName"
value="<%= fileName %>"> <INPUT type="hidden" name="mode"
value="<%= mode %>"> <INPUT type="hidden" name="error"
value="<%= error %>"></FORM>
<!------------------------------- top menu start ------------------------------->
<%@ include file="/totsys/common/inc/buttom/buttom.jsp"%>
<!------------------------------- top menu end ------------------------------->
</table>
</BODY>
</HTML>
<%
}catch(Exception ex){
//38.오류메세지를 통한 정보 노출(getMessage)_CWE-209 : Update by YOUNGJUN,CHO
ex.printStackTrace();
//out.println(ex);//앤개
//out.println("<html><body style='overflow=auto' bgcolor='white'><h1>Can't contact servlet runner</h1><br><br>Message : "+ex.getMessage()+"</body></html>");
//out.println("<META HTTP-EQUIV='refresh' CONTENT='0.1; URL=/error/exception.jsp'>");
//================================================
}finally{
}
%>