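/*********************************************************************************************************
 * : UploadedFiles.java : 2003.12.30 : 2003.11.15
 **********************************************************************************************************/
package kr.co.kihyun.io;

import java.io.*;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Reads a text file into a single string.
 *
 * <p>Line terminators are dropped: the lines returned by {@link BufferedReader#readLine()} are
 * concatenated without a separator. The file is decoded with the platform default charset,
 * because {@link FileReader} is constructed without an explicit one.
 */
public class OPTFileReader {

    private static final Logger LOG = LoggerFactory.getLogger(OPTFileReader.class);

    /**
     * Returns the content of {@code fileName} with all line terminators removed.
     *
     * <p>Every failure is reported the same way, through the return value: a rejected name or a
     * missing file yields an empty string, and an I/O error part-way through yields whatever was
     * read up to that point. Callers cannot tell an empty file from a failure.
     *
     * @param fileName bare name of the file to read; a name that is {@code null} or contains
     *                 {@code ".."} or {@code "/"} is rejected
     * @return the concatenated lines of the file, or an empty string when the name is rejected
     *         or the file cannot be opened
     */
    public String fileRead(String fileName) {
        StringBuilder content = new StringBuilder();

        // 9. Directory path manipulation (property loading), CWE-22/23: added by KWON,HAN.
        // Validate special character sequences. The original check logged the name and then
        // carried on to open the file, so it never blocked anything; it now returns before any
        // file access happens.
        // NOTE(review): only ".." and "/" are rejected. Backslash separators and drive-letter
        // paths still pass, so on Windows this check is incomplete; resolving the name against a
        // fixed base directory and verifying containment would be the stronger control.
        if (fileName == null || fileName.contains("..") || fileName.contains("/")) {
            // Logged at WARN rather than DEBUG so that rejected names show up in default logging.
            // NOTE(review): fileName is written to the log unmodified; strip CR/LF if the
            // value can come from a request.
            LOG.warn("9.디렉토리 경로 조작(프로퍼티로딩)_CWE-22/23 : Not Test {}", fileName);
            return content.toString();
        }

        BufferedReader inFile = null;
        try {
            inFile = new BufferedReader(new FileReader(fileName));

            // v2 36. Race condition: time of check vs. time of use (File), CWE-367:
            // updated by YOUNGJUN,CHO. The file is opened directly, with no separate
            // existence check beforehand, and read until readLine() reports end of stream.
            String line;
            while ((line = inFile.readLine()) != null) {
                content.append(line);
            }
            return content.toString();
        } catch (FileNotFoundException fnfe) {
            // 34. Information exposure through error messages (toString), CWE-209:
            // updated by YOUNGJUN,CHO. The failure goes to the log instead of standard output.
            LOG.error("\nThe file {} was not found.", fileName);
            return content.toString();
        } catch (IOException ioe) {
            // 34. Information exposure through error messages (toString), CWE-209:
            // updated by YOUNGJUN,CHO. Only the exception summary is logged.
            LOG.error("\nOPTFileReader fileRead() Exception - {}", ioe.toString());
            return content.toString();
        } catch (ArrayIndexOutOfBoundsException aiobe) {
            // Kept from the original: treated like any other failure, without logging.
            return content.toString();
        } finally {
            // The original never closed the reader, leaking a file handle per call.
            if (inFile != null) {
                try {
                    inFile.close();
                } catch (IOException ignored) {
                    // Nothing useful can be done if close fails; the content is already read.
                }
            }
        }
    }

    /*
     * Usage sketch kept from the original file. It refers to a TestHtml class that is not part
     * of this file, and its sample path contains "/", which fileRead() rejects.
     *
     * public static void main (String[] args){
     *     TestHtml testHtml = new TestHtml();
     *
     *     String html = "";
     *     String fileName = "./sample1.htm";
     *     html = testHtml.fileReader(fileName);
     *
     *     System.out.println("\n\nhtml: " + html);
     * }
     */
}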