<%
/**********************************************************************************
프로그램명 : write_file_upload.jsp
프로그램설명 : 공지사항 파일 업로드관련
작 성 자 : 기현테크
작 성 일 : 2003. 5.28
최신변경일 : 2010. 11.24
***********************************************************************************/
%>
<%@ page contentType="text/html; charset=UTF-8"%>
<%@ page import="java.net.*"%>
<%@ page import="kr.co.kihyun.lang.Encoder"%>
<%@ page import="kr.co.kihyun.lang.MString"%>
<%@ page import="java.util.ResourceBundle"%>
<%@ page import="kr.co.kihyun.moumi.Moumi"%>
<%@ include file="/totsys/common/inc/sec/secure.inc.jsp"%>
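<%
try {
    /****** Parameter ******/
    // Everything read in this scriptlet comes from the HTTP request and is untrusted.

    // execMode is printed into the <body onload="exec('...')"> handler. exec() only acts on
    // up / del / init / jump and reports any other value as invalid, so every other value
    // (including a missing parameter) is collapsed to the fixed token "error".
    String execMode = request.getParameter("execMode");
    if (!"up".equals(execMode) && !"del".equals(execMode)
            && !"init".equals(execMode) && !"jump".equals(execMode)) {
        execMode = "error";
    }

    // NOTE(review): the values below are not validated here. Each place further down the
    // page that prints them has to encode for its own context (HTML attribute, quoted
    // script string, URL query component).
    String svrFilename = URLDecoder.decode(MString.checkNull(request.getParameter("svrFilename")), "UTF-8");
    String usrFilename = URLDecoder.decode(MString.checkNull(request.getParameter("usrFilename")), "UTF-8");
    String boardGroupID = request.getParameter("boardGroupID");
    String mode = MString.checkNull(request.getParameter("mode"));
    String docID = MString.checkNull(request.getParameter("docID"));
    String reportID = MString.checkNull(request.getParameter("reportID"));
    String boardID = MString.checkNull(request.getParameter("boardID"));
    String path = MString.checkNull(request.getParameter("path"));

    // MSG is the status code shown by the alert script in <head>; the page only compares it
    // with negative integers such as -99. It is printed inside a quoted script string, so
    // anything that is not a plain integer is dropped (no alert matched it anyway).
    String MSG = request.getParameter("MSG");
    if (MSG != null && !MSG.matches("-?[0-9]+")) {
        MSG = null;
    }

    // maxSize (megabytes) is printed as a bare script expression, into HTML, and into the
    // upload servlet URL. Only a plain decimal number is accepted; missing, empty or
    // non-numeric input falls back to the default of 10.
    // NOTE(review): the limit is taken from the request and handed back to the upload
    // servlet, so the client can name its own limit unless the servlet enforces a
    // server-side cap -- confirm.
    String maxSize = request.getParameter("maxSize");
    if (maxSize == null || !maxSize.matches("(0|[1-9][0-9]*)(\\.[0-9]+)?")) {
        maxSize = "10";
    }

    // Hint text shown next to the file input; pageFlag defaults to "1" via clearXSS().
    String tmpMsg = "";
    String pageFlag = clearXSS(request.getParameter("pageFlag"), "1");
    if (pageFlag.equals("1")) {
        tmpMsg = "- 관련자료 선택 후 추가버튼";
    } else if (pageFlag.equals("2")) {
        tmpMsg = "- 파일로 제출할 경우에만 추가하세요";
    }
%>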
<!DOCTYPE html>
<html lang="ko">
<head>
<meta charset="UTF-8">
<title>파일업로드</title>
<link rel="stylesheet" href="/totsys/common/css/text.css" type="text/css">
<link rel="stylesheet" href="/totsys/common/css/basic.css" type="text/css">
<script src="/totsys/common/js/rollover.js"></script>
<%-- Shows the upload result passed back in the MSG request parameter.
     Codes handled below: -99 file exceeds the size limit, -77 file name too long,
     -88 error during upload, -33 file has no extension, -55 extension exe/bat/sh is blocked,
     -44 directory path contains ".." or "/".
     NOTE(review): MSG is printed inside a quoted script string and maxSize as a bare script
     expression, neither encoded at this point, so both are only safe if they were restricted
     to numeric text before reaching this block.
     NOTE(review): the -55 message implies a three-extension blocklist; the servlet that
     enforces it is not shown here -- confirm it also refuses server-executable types. --%>
<% if (MSG != null) {%>
<script>
var msg='<%=MSG%>';
if(msg=="-99") alert("파일사이즈가 제한용량("+<%=maxSize%>+"Mega Byte) 보다 크기때문에 업로드할수 없습니다");
else if(msg=="-77") alert("파일명의 길이가 너무 길어 처리할수 없습니다.")
else if(msg=="-88") alert("파일 업로드중 에러가 발생했습니다.");
else if(msg=="-33") alert("확장자가 없는 파일입니다."); // 7. Dangerous file type upload (MultipartRequest), CWE-434: added by KWON,HAN
else if(msg=="-55") alert("확장자가 [exe, bat, sh]는 업로드가 제한된 파일입니다."); // 7. Dangerous file type upload (MultipartRequest), CWE-434: added by KWON,HAN
else if(msg=="-44") alert("디렉토리 경로에 특수문자(.. 또는 /)가 포함되어 있습니다."); // 3. Directory path manipulation (getParameter), CWE-22/23/36: added by KWON,HAN
</script>
<% }%>
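<%
    // Run both request-supplied file names through checkext() (defined outside this file,
    // presumably in the included secure.inc.jsp) and switch the page to the error state if
    // either one is rejected; checkext() signals rejection with the string "false".
    //
    // The check is unconditional on purpose. The earlier guard compared execMode with the
    // literal "init" using the != operator, which compares references and is therefore true
    // for any request-supplied string, so the check already ran on every request. Both names
    // are printed into the page in every mode, so skipping it for "init" would be weaker.
    String chkExt = checkext(svrFilename, "");
    if ("false".equals(chkExt)) {
        execMode = "error";
    }
    chkExt = checkext(usrFilename, "");
    if ("false".equals(chkExt)) {
        execMode = "error";
    }
%>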
<script>
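<%if ("csv".equals(mode)) {%>
<%-- CSV mode: point the sibling viewPage frame at the viewer for the uploaded file.
     svrFilename comes from the request, so it is percent-encoded before being placed in the
     query string; the encoded form contains no quote or angle-bracket characters, which also
     keeps it inside the quoted script string.
     NOTE(review): file_view.jsp is not shown here; it must validate fileName itself and not
     rely on this page's checkext() call. --%>
parent.viewPage.location='/totsys/sysadm/org/file_view.jsp?fileName=<%= URLEncoder.encode(String.valueOf(svrFilename), "UTF-8") %>';
<%}%>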
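<%-- checkVal(): onchange handler of the file input. Refuses to submit when no file is chosen
     or when the attachment count (the page-level "num") is already at the limit for the
     current mode, then posts the upload form to the upload servlet.
     NOTE(review): the count limit is enforced only in the browser here; the servlet side is
     not shown -- confirm it applies the same limit. --%>
function checkVal() {
    var frm = document.upFrm;
    var filename = frm.appendFile.value;
    if (filename == "") {
        alert('<%=Moumi.getMessageBundle().getString("moumi.message.popup.imageSelect")%>');
        return;
    }
<%if (!"csv".equals(mode)) {%>
    // ordinary attachments: at most five files
    if (num > 4) {
        alert('<%=Moumi.getMessageBundle().getString("moumi.message.popup.attachPossible")%>');
        return;
    }
<%} else {%>
    // CSV import: a single file only
    if (num > 0) {
        alert('<%=Moumi.getMessageBundle().getString("moumi.message.popup.userRegistPossible")%>');
        return;
    }
<%}%>
    // maxSize is request-derived, so it is percent-encoded before it goes into the URL.
    frm.action = '/servlet/kr.co.kihyun.beans.totsys.board.HttpFileUpload?maxSize=<%= URLEncoder.encode(String.valueOf(maxSize), "UTF-8") %>';
    frm.submit();
}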
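<%-- exec(): called from the body onload handler with the page's execMode.
       up   - register the just-uploaded file in the parent form, then reload in init mode
       del  - confirm the deletion; in CSV mode also reload in init mode
       init - nothing to do
       jump - reload in init mode, carrying the file names along
     Any other value raises the "wrong value" alert.
     Every request-derived value is percent-encoded on the server before it is printed, both
     for the redirect URLs and for the two script strings handed to checkFile(); the encoded
     form contains no quote, backslash, angle-bracket or line-break characters. --%>
<%
    String execCommonQuery = "boardGroupID=" + URLEncoder.encode(String.valueOf(boardGroupID), "UTF-8")
            + "&execMode=init"
            + "&docID=" + URLEncoder.encode(String.valueOf(docID), "UTF-8")
            + "&boardID=" + URLEncoder.encode(String.valueOf(boardID), "UTF-8")
            + "&mode=" + URLEncoder.encode(String.valueOf(mode), "UTF-8");
    String execSvrEncoded = URLEncoder.encode(String.valueOf(svrFilename), "UTF-8");
    String execUsrEncoded = URLEncoder.encode(String.valueOf(usrFilename), "UTF-8");
    String execFileQuery = "&svrFilename=" + execSvrEncoded + "&usrFilename=" + execUsrEncoded;
    String execReportQuery = "&reportID=" + URLEncoder.encode(String.valueOf(reportID), "UTF-8");
    String execMaxSizeQuery = "&maxSize=" + URLEncoder.encode(String.valueOf(maxSize), "UTF-8");
    // URLEncoder writes a space as "+", which decodeURIComponent() leaves alone; a literal
    // plus sign is already %2B, so rewriting "+" to %20 is unambiguous.
    String execSvrForScript = execSvrEncoded.replace("+", "%20");
    String execUsrForScript = execUsrEncoded.replace("+", "%20");
%>
function exec(execMode){
    if (execMode == "up") {
        // upload mode
        checkFile(decodeURIComponent('<%= execSvrForScript %>'), decodeURIComponent('<%= execUsrForScript %>'));
        this.location = './write_file_upload.jsp?<%= execCommonQuery + execFileQuery + execMaxSizeQuery %>';
    } else if (execMode == "del") {
        // delete mode
        alert('<%=Moumi.getMessageBundle().getString("moumi.message.popup.fileDelete")%>');
<%if ("csv".equals(mode)) {%>
        this.location = './write_file_upload.jsp?<%= execCommonQuery + execReportQuery + execMaxSizeQuery %>';
<%}%>
    } else if (execMode == "init") {
        // initial run mode: nothing to do
    } else if (execMode == "jump") {
        this.location = './write_file_upload.jsp?<%= execCommonQuery + execFileQuery + execMaxSizeQuery %>';
    } else {
        alert('<%=Moumi.getMessageBundle().getString("moumi.message.popup.wrongValue")%>');
        return;
    }
}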
</script>
<script>
// Page-level state shared by every function in this page. These are implicit globals
// (assigned without var): checkVal() reads num, and checkFile(), mkFileList() and delForm()
// overwrite all of them from the parent form's hidden fields.
num = 0;            // number of attached files
usrFilenames = "";  // ";"-joined original (user-side) file names
svrFilenames = "";  // ";"-joined stored (server-side) file names
fileInfos = "";     // ";"-joined per-file info values
userFilePath = "";  // not referenced by the functions in this page
// Registers one uploaded file in the form that owns the attachment list and bumps its count.
//   Filename  - stored (server-side) file name
//   Filename2 - original (user-side) file name
// Which form is used depends on the server-side mode value: parent.document.multiUpload for
// sysadm/csv, parent.opener.document.dform for docRegist, parent.document.dform otherwise.
function checkFile(Filename, Filename2){
<%if ("sysadm".equals(mode) || "csv".equals(mode)) {%>
frm = parent.document.multiUpload;
<%} else if ("docRegist".equals(mode)) {%>
frm = parent.opener.document.dform;
<%} else {%>
frm = parent.document.dform;
<%}%>
// NOTE(review): 'add' lands in mkFileList's third parameter (size), not its fourth (mode);
// mode then defaults to "add", and the literal text 'add' is stored as this file's info.
mkFileList(Filename, Filename2, 'add');
// mkFileList() reloaded num from frm.fileCount.value, so this counts the file just added.
num++;
frm.fileCount.value = num;
}
// Rebuilds the three ";"-joined lists kept in the owning form's hidden fields
// (svrFilenames, usrFilenames, fileInfos), either appending one entry or dropping one.
//   Filename  - stored (server-side) file name; the key used when removing
//   Filename2 - original file name; only the part after the last "/" is kept
//   size      - value stored in fileInfos for an added entry
//   mode      - "add" (also the default when omitted); any other value removes Filename
// Works on the page-level globals (num, usrFilenames, svrFilenames, fileInfos, the *List
// arrays and the loop counter i), so callers see them changed after the call.
// NOTE(review): entries are joined and split on ";" without escaping, so a file name that
// contains ";" would shift every later entry.
function mkFileList(Filename, Filename2, size, mode) {
<%if ("sysadm".equals(mode) || "csv".equals(mode)) {%>
frm = parent.document.multiUpload;
<%} else if ("docRegist".equals(mode)) {%>
frm = parent.opener.document.dform;
<%} else {%>
frm = parent.document.dform;
<%}%>
// Reload the current state from the form; num is a string here and is coerced when compared.
num = frm.fileCount.value;
usrFilenames = frm.usrFilenames.value;
svrFilenames = frm.svrFilenames.value;
fileInfos = frm.fileInfos.value;
var tmpSvrFilenames = "";
var tmpUsrFilenames = "";
var tmpFileInfos = "";
//var nList4 = "";
if (!mode){
mode = "add";
}
subFilename = Filename;
subFilename2 = cut_str( 1, Filename2, "/");
subinfo = size;
// Keep at most num entries of each list.
usrFilenameList = usrFilenames.split(";", num);
svrFilenameList = svrFilenames.split(";", num);
fileInfoList = fileInfos.split(";", num);
if (mode == "add") {
if (svrFilenames && usrFilenames) {
// Existing entries first, each followed by ";", then the new entry without a trailing ";".
for (i=0; i<num; i++) {
tmpSvrFilenames += svrFilenameList[i] + ";";
tmpUsrFilenames += usrFilenameList[i] + ";";
tmpFileInfos += fileInfoList[i] + ";";
}
tmpSvrFilenames += subFilename;
tmpUsrFilenames += subFilename2;
tmpFileInfos += subinfo;
} else {
// Lists were empty: the new entry becomes the whole list.
tmpSvrFilenames = subFilename;
tmpUsrFilenames = subFilename2;
tmpFileInfos = subinfo;
}
} else {
// Remove: copy every entry whose stored name differs from Filename.
for (i=0; i<num; i++) {
if (subFilename == svrFilenameList[i])
continue;
else {
tmpSvrFilenames += svrFilenameList[i] + ";";
tmpUsrFilenames += usrFilenameList[i] + ";";
tmpFileInfos += fileInfoList[i] + ";";
}
}
}
usrFilenames = tmpUsrFilenames;
svrFilenames = tmpSvrFilenames;
fileInfos = tmpFileInfos;
// The count is written back unchanged; the callers adjust it afterwards.
frm.fileCount.value = num;
frm.usrFilenames.value = usrFilenames;
frm.svrFilenames.value = svrFilenames;
frm.fileInfos.value = fileInfos;
}
/**
 * Splits a string at the last occurrence of a separator.
 *
 * @param state     0 returns the text before the last separator,
 *                  1 returns the text after it; any other value returns undefined
 * @param value     the string to split
 * @param separator the separator to look for; "." when omitted or empty
 */
function cut_str(state, value, separator) {
    var sep = separator || ".";
    if (state == 0) {
        var headEnd = value.lastIndexOf(sep);
        return value.substring(0, headEnd);
    }
    if (state == 1) {
        var tailStart = value.lastIndexOf(sep) + 1;
        return value.substring(tailStart, value.length);
    }
}
// Click handler of the delete image: removes the file selected in delFrm.fileList from the
// owning form's hidden lists, lowers the count and posts delFrm to the delete servlet.
// NOTE(review): the loop counter i is an implicit global shared with mkFileList(); the
// remove loop inside mkFileList() leaves i at num, so the loop below stops after its first
// match. Declaring i with var in either function would change that.
// NOTE(review): list.options[list.selectedIndex] assumes an entry is selected -- confirm
// what happens when nothing is.
function delForm() {
<%if ("sysadm".equals(mode) || "csv".equals(mode)) {%>
frm = parent.document.multiUpload;
<%} else if ("docRegist".equals(mode)) {%>
frm = parent.opener.document.dform;
<%} else {%>
frm = parent.document.dform;
<%}%>
num = frm.fileCount.value;
usrFilenames = frm.usrFilenames.value;
svrFilenames = frm.svrFilenames.value;
fileInfos = frm.fileInfos.value;
var list = document.delFrm.fileList;
// a: stored (server-side) name of the selected entry; "-1" for the placeholder option
var a = list.options[list.selectedIndex].value;
var no = -1;
usrFilenameList = usrFilenames.split(";", num);
svrFilenameList = svrFilenames.split(";", num);
for(i=0; i<num; i++) {
if (a == svrFilenameList[i]) {
no = i;
// Rewrites the hidden fields and the usrFilenames/svrFilenames/fileInfos globals.
mkFileList(svrFilenameList[i], usrFilenameList[i], 0,"delete");
}
}
// Only continue when the selected name was found in the list.
if (no != -1) {
<%if ("sysadm".equals(mode) || "csv".equals(mode)) {%>
frm = parent.document.multiUpload;
<%} else if ("docRegist".equals(mode)) {%>
frm = parent.opener.document.dform;
<%} else {%>
frm = parent.document.dform;
<%}%>
// dname is assigned but only used by the commented-out code below.
dname = "uForm_" + no;
//iname = "previewImg_" + no;
//tname = "content_" + no;
//eval (dname + ".style.visibility = \"hidden\";" );
//eval (dname + ".style.display = \"none\";" );
//frm[iname].src = "";
//frm[tname].value = "";
//frm[iname].width = 0;
//frm[iname].height = 0;
//if (no < (num - 1)){
// reArrange(no, num);
//}
if (num > 0){
num--;
}
// Write the reduced count and the lists left by mkFileList() back to the owning form.
frm.fileCount.value = num;
frm.usrFilenames.value = usrFilenames;
frm.svrFilenames.value = svrFilenames;
frm.fileInfos.value = fileInfos;
// Post the selection to the delete servlet.
frm2 = document.delFrm;
frm2.submit();
}
}
// Key handler stub: stores the character for the current key event in the page-level
// keyPressed variable and then does nothing with it.
// NOTE(review): the literals compared are "/r" and "/n" (forward slash), two-character
// strings that a single character cannot equal; the branch is empty in any case.
function ProcKeyDown() {
    var code = window.event.keyCode;
    keyPressed = String.fromCharCode(code);
    var matched = (keyPressed == "/r") || (keyPressed == "/n");
    if (matched) {
    }
}
</script>
</head>
<body style='overflow: hidden;' onload="exec('<%= execMode%>');">
<div class="disFlex">
<div>
<!-- form upFrm -->
<form action='/servlet/kr.co.kihyun.beans.totsys.board.HttpFileUpload' name='upFrm' enctype='multipart/form-data' method='post'>
<input type="hidden" name="boardGroupID" value="<%= boardGroupID%>">
<input type="hidden" name="mode" value="<%= mode%>">
<input type="hidden" name="docID" value="<%= docID%>">
<input type="hidden" name="reportID" value="<%= reportID%>">
<input type="hidden" name="boardID" value="<%= boardID%>">
<input type="hidden" name="maxSize" value="<%=maxSize%>">
<%--<table width="100%" cellSpacing="0" cellPadding="0" border="1">--%>
<div class="mr_5"><input type="file" style="width: 350px" name="appendFile" class="inputtxt" onchange="checkVal();"></div>
<span class="font_size_middle"><%=tmpMsg%>(파일용량 <%=maxSize%>M 제한)</span>
</form>
</div>
<div>
<!-- form delFrm -->
<form action='/servlet/kr.co.kihyun.beans.totsys.board.HttpFileDelete' name='delFrm' method='post'>
<input type="hidden" name="boardGroupID" value="<%= boardGroupID%>" class=inputtxt>
<input type="hidden" name="mode" value="<%= mode%>">
<input type="hidden" name="docID" value="<%= docID%>">
<input type="hidden" name="reportID" value="<%= reportID%>">
<input type="hidden" name="boardID" value="<%= boardID%>">
<input type="hidden" name="maxSize" value="<%=maxSize%>">
<span>
<!--파일 업로드된 리스트 박스-->
<select name='fileList' style="width: 250px" size=3 class="inputtxt vMiddle">
<option selected value="-1">
----------------- <%=Moumi.getMessageBundle().getString("moumi.message.tot_doc.relationDoc")%> -----------------
</option>
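<script>
<%-- Fills the delete list box with the files already recorded in the owning form (at most
     five). The names originate from request parameters and are stored in hidden fields, so
     the options are created through the DOM, which treats both name and value as plain
     text, instead of being written into the page as markup. --%>
<%
if ("sysadm".equals(mode) || "csv".equals(mode)) {%>
frm = parent.document.multiUpload;
<%} else if ("docRegist".equals(mode)) {%>
frm = parent.opener.document.dform;
<%} else {%>
frm = parent.document.dform;
<%}%>
// These stay page-level globals on purpose: checkVal() reads num.
num = frm.fileCount.value;
usrFilenames = frm.usrFilenames.value;
svrFilenames = frm.svrFilenames.value;
fileInfos = frm.fileInfos.value;
usrFilenameList = usrFilenames.split(";", num);
svrFilenameList = svrFilenames.split(";", num);
var fileListBox = document.delFrm.fileList;
for (i = 0; i < num && i < 5; i++) {
    // skip empty or missing entries
    if (!svrFilenameList[i]) continue;
    // label: first 20 characters of the original name; value: stored (server-side) name
    fileListBox.options[fileListBox.options.length] =
        new Option((usrFilenameList[i] || "").substr(0, 20), svrFilenameList[i]);
}
</script>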
</select>
</span>
<span>
<a href="#">
<img alt="삭제" src="./images/bt_file_del.gif" style="margin-left: 10px;" onClick='delForm();'>
</a>
</span>
</form>
</div>
</div>
</body>
</html>
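<%
} catch (Exception ex) {
    // Closes the page-wide try opened in the first scriptlet. The failure is recorded through
    // the servlet context log, with its stack trace, rather than printed to stderr.
    // NOTE(review): the exception is still swallowed, so the client receives whatever part
    // of the page had been written before the failure.
    application.log("write_file_upload.jsp: request processing failed", ex);
}
%>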