List of usage examples for org.apache.commons.lang3 StringEscapeUtils escapeHtml4
public static final String escapeHtml4(final String input)
Escapes the characters in a String using HTML entities.
For example:
"bread" & "butter"
becomes:
&quot;bread&quot; &amp; &quot;butter&quot;.
From source file:course.PrivateCloudController.java
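/**
 * Registers every HTTP route of the controller: the placeholder home page, the VM
 * inventory and VM actions ({@code /display_vms}, {@code /create_vm}), the chart page
 * ({@code /gChart}) and the account routes (signup, login, logout, welcome, error).
 *
 * <p>Security-relevant behaviour of this version:
 * <ul>
 *   <li>passwords and session ids are no longer written to standard output;</li>
 *   <li>the template lookup in {@code POST /create_vm} is null-checked before the
 *       result is dereferenced;</li>
 *   <li>Mongo cursors are closed once they have been read.</li>
 * </ul>
 *
 * @throws IOException declared by the original signature
 */
private void initializeRoutes() throws IOException {
    // this is the blog home page
    get(new FreemarkerBasedRoute("/", "blog_template.ftl") {
        @Override
        public void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            String username = sessionDAO.findUserNameBySessionId(getSessionCookie(request));
            // this is where we would normally load up the blog data
            // but this week, we just display a placeholder.
            HashMap<String, String> root = new HashMap<String, String>();
            template.process(root, writer);
        }
    });

    // NOTE(review): no session lookup is performed on the VM routes below (it was
    // commented out in the original), so no login check is visible here - confirm
    // that access control is enforced somewhere else before exposing these routes.
    get(new FreemarkerBasedRoute("/display_vms", "display_vms.ftl") {
        @Override
        public void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            List<Document> posts = new ArrayList<Document>();
            ManagedEntity[] mes = new InventoryNavigator(Path).searchManagedEntities("VirtualMachine");
            SimpleHash root = new SimpleHash();
            System.out.println("Display VM: VM list");

            // The cached VM collection is emptied and rebuilt on every page view.
            BasicDBObject query = new BasicDBObject();
            VMsDBCollection.deleteMany(query);

            if (mes != null) {
                for (ManagedEntity entity : mes) {
                    VirtualMachine vm = (VirtualMachine) entity;
                    if (vm.getName().contains("Template")) {
                        continue; // templates are not listed
                    }
                    Document text = new Document();
                    String name = vm.getName();
                    text.append("name", name);
                    Document DB_VMs = new Document("_id", name);
                    if (vm.getConfig() != null) {
                        String instanceId = vm.getConfig().getInstanceUuid();
                        text.append("instanceId", instanceId);
                    }
                    System.out.println("VM Name : " + name);

                    String conectionState = vm.getRuntime().getConnectionState().toString();
                    text.append("conectionState", conectionState);
                    DB_VMs.append("conectionState", conectionState);

                    String ip = vm.getGuest().getIpAddress();
                    text.append("ip", ip);
                    DB_VMs.append("ip", ip);

                    String powerState = vm.getRuntime().getPowerState().toString();
                    text.append("powerState", powerState);

                    // NOTE(review): the stored document records the alarm state under the
                    // "powerState" key; kept as in the original - confirm what readers expect.
                    if (vm.getTriggeredAlarmState() == null) {
                        text.append("alarmState", "notTriggered");
                        DB_VMs.append("powerState", "notTriggered");
                    } else {
                        text.append("alarmState", "Triggered");
                        DB_VMs.append("powerState", "Triggered");
                    }

                    String launchTime = writeActualDate(vm.getRuntime().getBootTime());
                    text.append("launchTime", launchTime);
                    DB_VMs.append("launchTime", launchTime);

                    posts.add(text);
                    VMsDBCollection.insertOne(DB_VMs);
                }
            }
            root.put("VMs", posts);
            template.process(root, writer);
        }
    });

    get(new FreemarkerBasedRoute("/create_vm", "create_vm.ftl") {
        @Override
        public void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            SimpleHash root = new SimpleHash();
            System.out.println("Inside Create VM backend");
            template.process(root, writer);
        }
    });

    post(new FreemarkerBasedRoute("/create_vm", "/create_vm.ftl") {
        @Override
        public void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            if (request.queryParams("Create") != null) {
                // Clone VM. Both values come straight from the request and are not validated here.
                String vmname = request.queryParams("vmname");
                String vm_template = request.queryParams("OS");
                VirtualMachine vm = (VirtualMachine) new InventoryNavigator(Path)
                        .searchManagedEntity("VirtualMachine", vm_template);

                // Check the lookup result before anything dereferences it; the original
                // called vm.getRuntime() first and only then tested for null.
                if (vm == null) {
                    System.out.println("No VM found with name " + vm_template);
                    SimpleHash root = new SimpleHash();
                    root.put("login_error", "No template available");
                    template.process(root, writer);
                } else {
                    Datacenter dc = (Datacenter) new InventoryNavigator(Path)
                            .searchManagedEntity("Datacenter", "T03-DC");
                    ResourcePool rp = (ResourcePool) new InventoryNavigator(dc)
                            .searchManagedEntities("ResourcePool")[0];
                    try {
                        VirtualMachineCloneSpec cloneSpec = new VirtualMachineCloneSpec();
                        VirtualMachineRelocateSpec locateSpec = new VirtualMachineRelocateSpec();
                        locateSpec.setPool(rp.getMOR());
                        cloneSpec.setLocation(locateSpec);
                        cloneSpec.setPowerOn(false);
                        cloneSpec.setTemplate(false);
                        // The clone task is started but not awaited.
                        vm.cloneVM_Task((Folder) vm.getParent(), vmname, cloneSpec);
                        System.out.println("Launching the VM clone task. " + "Please wait ...");
                    } catch (Exception e) {
                        e.printStackTrace();
                    }
                    response.redirect("/display_vms");
                }
            } else if (request.queryParams("Cancel") != null) {
                response.redirect("/display_vms");
            }
        }
    });

    post(new FreemarkerBasedRoute("/display_vms", "display_vms.ftl") {
        @Override
        public void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            // Take the VM list from the DB; only names stored there can be acted on.
            BasicDBObject query = new BasicDBObject();
            ArrayList<String> VM_list = new ArrayList<String>();
            MongoCursor<Document> cursor = VMsDBCollection.find(query).iterator();
            try {
                while (cursor.hasNext()) {
                    String a = cursor.next().toJson();
                    System.out.println(a);
                    try {
                        JSONObject jsonObject = new JSONObject(a);
                        String vm_name = jsonObject.getString("_id");
                        VM_list.add(vm_name);
                    } catch (JSONException e) {
                        e.printStackTrace();
                    }
                }
            } finally {
                cursor.close();
            }

            // A VM counts as selected when the form carries a parameter named after it.
            if (request.queryParams("PowerOn") != null) {
                for (String VM_name : VM_list) {
                    if (request.queryParams(VM_name) != null) {
                        System.out.println("Power ON VM " + VM_name);
                        powerOn(VM_name);
                    }
                }
                response.redirect("/display_vms");
            } else if (request.queryParams("PowerOff") != null) {
                for (String VM_name : VM_list) {
                    if (request.queryParams(VM_name) != null) {
                        System.out.println("Power Off VM " + VM_name);
                        powerOff(VM_name);
                    }
                }
                response.redirect("/display_vms");
            } else if (request.queryParams("Delete") != null) {
                for (String VM_name : VM_list) {
                    if (request.queryParams(VM_name) != null) {
                        System.out.println("Delete VM " + VM_name);
                        deleteVM(VM_name);
                    }
                }
                response.redirect("/display_vms");
            } else if (request.queryParams("Get_Chart") != null) {
                // NOTE(review): CurrentSelectedVM is state shared outside this request, so
                // concurrent users can overwrite each other's selection - confirm intent.
                for (String VM_name : VM_list) {
                    if (request.queryParams(VM_name) != null) {
                        System.out.println("Get VM " + VM_name + " Charts");
                        CurrentSelectedVM = VM_name;
                    }
                }
                response.redirect("/gChart");
            } else if (request.queryParams("Create") != null) {
                response.redirect("/create_vm");
            } else {
                System.out.println("Invalid ");
                response.redirect("/display_vms");
            }
        }
    });

    // google chart handler
    get(new FreemarkerBasedRoute("/gChart", "GoogleLine.ftl") {
        @Override
        public void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            String username = sessionDAO.findUserNameBySessionId(getSessionCookie(request));
            if (CurrentSelectedVM != null) {
                ArrayList<ArrayList> gchartMData = statsDAO.getMGchart(CurrentSelectedVM);
                ArrayList<ArrayList> gchartCData = statsDAO.getCGchart(CurrentSelectedVM);
                SimpleHash root = new SimpleHash();
                root.put("VMName", CurrentSelectedVM);

                BasicDBObject query = new BasicDBObject();
                query.put("_id", CurrentSelectedVM);
                MongoCursor<Document> cursor = VMsDBCollection.find(query).iterator();
                try {
                    while (cursor.hasNext()) {
                        String a = cursor.next().toJson();
                        System.out.println("Json :::: \n" + a);
                        try {
                            JSONObject jsonObject = new JSONObject(a);
                            if (jsonObject.has("ip") && jsonObject.has("_id")) {
                                root.put("IPAD", jsonObject.getString("ip"));
                                System.out.println("IP address for this VM is " + jsonObject.getString("ip"));
                            }
                        } catch (JSONException e) {
                            e.printStackTrace();
                        }
                    }
                } finally {
                    cursor.close();
                }

                if (CurrentSelectedVM.contains("Lin")) {
                    root.put("vm_type", "Lin");
                } else if (CurrentSelectedVM.contains("Win")) {
                    root.put("vm_type", "Win");
                }
                CurrentSelectedVM = null;

                // NOTE(review): guest credentials are hard-coded in source and handed to the
                // page template. Load them from configuration or a secret store instead, keep
                // them out of rendered output, and rotate this value since it has been published.
                root.put("usernameVM", "administrator");
                root.put("passwordVM", "12!@qwQW");
                root.put("gcdata1", gchartMData);
                root.put("gcdata2", gchartCData);
                template.process(root, writer);
            }
        }
    });

    post(new FreemarkerBasedRoute("/gChart", "GoogleLine.ftl") {
        @Override
        protected void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            if (request.queryParams("Home") != null) {
                response.redirect("/display_vms");
            }
        }
    });

    // handle the signup post
    post(new FreemarkerBasedRoute("/signup", "signup.ftl") {
        @Override
        protected void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            String email = request.queryParams("email");
            String username = request.queryParams("username");
            String password = request.queryParams("password");
            String verify = request.queryParams("verify");

            // Values echoed back into the form are HTML-escaped before they reach the template.
            HashMap<String, String> root = new HashMap<String, String>();
            root.put("username", StringEscapeUtils.escapeHtml4(username));
            root.put("email", StringEscapeUtils.escapeHtml4(email));

            if (validateSignup(username, password, verify, email, root)) {
                // good user; the password is deliberately kept out of the log line
                System.out.println("Signup: Creating user with: " + username);
                if (!userDAO.addUser(username, password, email)) {
                    // duplicate user
                    root.put("username_error", "Username already in use, Please choose another");
                    template.process(root, writer);
                } else {
                    // good user, let's start a session; the session id is a bearer
                    // credential and is not logged
                    String sessionID = sessionDAO.startSession(username);
                    System.out.println("Session started for " + username);
                    // NOTE(review): the cookie is created without HttpOnly/Secure attributes;
                    // set them if the servlet API version in use supports it.
                    response.raw().addCookie(new Cookie("session", sessionID));
                    response.redirect("/login");
                }
            } else {
                // bad signup
                System.out.println("User Registration did not validate");
                template.process(root, writer);
            }
        }
    });

    // present signup form for blog
    get(new FreemarkerBasedRoute("/signup", "signup.ftl") {
        @Override
        protected void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            SimpleHash root = new SimpleHash();
            // initialize values for the form.
            root.put("username", "");
            root.put("password", "");
            root.put("email", "");
            root.put("password_error", "");
            root.put("username_error", "");
            root.put("email_error", "");
            root.put("verify_error", "");
            template.process(root, writer);
        }
    });

    get(new FreemarkerBasedRoute("/welcome", "welcome.ftl") {
        @Override
        protected void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            String cookie = getSessionCookie(request);
            String username = sessionDAO.findUserNameBySessionId(cookie);
            if (username == null) {
                System.out.println("welcome() can't identify the user, redirecting to signup");
                response.redirect("/signup");
            } else {
                SimpleHash root = new SimpleHash();
                root.put("username", username);
                template.process(root, writer);
            }
        }
    });

    // present the login page
    get(new FreemarkerBasedRoute("/login", "login.ftl") {
        @Override
        protected void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            SimpleHash root = new SimpleHash();
            root.put("username", "");
            root.put("login_error", "");
            template.process(root, writer);
        }
    });

    // process output coming from login form. On success redirect folks to the VM list,
    // on failure, just return an error and let them try again.
    post(new FreemarkerBasedRoute("/login", "login.ftl") {
        @Override
        protected void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            String username = request.queryParams("username");
            String password = request.queryParams("password");
            // Only the user name is logged; the submitted password never is.
            System.out.println("Login: User submitted: " + username);

            Document user = userDAO.validateLogin(username, password);
            if (user != null) {
                // valid user, let's log them in
                String sessionID = sessionDAO.startSession(user.get("_id").toString());
                if (sessionID == null) {
                    response.redirect("/internal_error");
                } else {
                    // set the cookie for the user's browser
                    // NOTE(review): no HttpOnly/Secure attributes are set on this cookie.
                    response.raw().addCookie(new Cookie("session", sessionID));
                    response.redirect("/display_vms");
                }
            } else {
                SimpleHash root = new SimpleHash();
                root.put("username", StringEscapeUtils.escapeHtml4(username));
                root.put("password", "");
                root.put("login_error", "Invalid Login");
                template.process(root, writer);
            }
        }
    });

    // allows the user to logout of the blog
    get(new FreemarkerBasedRoute("/logout", "signup.ftl") {
        @Override
        protected void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            String sessionID = getSessionCookie(request);
            if (sessionID == null) {
                // no session to end
                response.redirect("/login");
            } else {
                // deletes from session table
                sessionDAO.endSession(sessionID);
                // this should delete the cookie
                Cookie c = getSessionCookieActual(request);
                c.setMaxAge(0);
                response.raw().addCookie(c);
                response.redirect("/login");
            }
        }
    });

    // used to process internal errors
    get(new FreemarkerBasedRoute("/internal_error", "error_template.ftl") {
        @Override
        protected void doHandle(Request request, Response response, Writer writer)
                throws IOException, TemplateException {
            SimpleHash root = new SimpleHash();
            root.put("error", "System has encountered an error.");
            template.process(root, writer);
        }
    });
}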
From source file:com.netsteadfast.greenstep.bsc.service.logic.impl.OrganizationLogicServiceImpl.java
/**
 * Recursively fills {@code putObject} with tree nodes for the organizations whose
 * parent is {@code parentOrgId}. Each node is a map with the keys {@code id},
 * {@code name} and {@code orgId}; nodes are collected in a list stored under the
 * {@code "children"} key of their parent map.
 *
 * <p>The {@code name} value is an HTML fragment: optional check-box markup, the menu
 * icon markup and the organization name. Only the organization name is passed through
 * {@code StringEscapeUtils.escapeHtml4} here; the other two parts come from helpers
 * that are not visible in this block.
 *
 * @param basePath    passed to {@code IconUtils.getMenuIcon}
 * @param checkBox    whether check-box markup is prepended to each node name
 * @param appendId    passed to {@code getCheckBoxHtmlContent}
 * @param putObject   the map that receives the {@code "children"} list
 * @param searchList  the organizations to build the tree from
 * @param parentOrgId id of the organization whose direct children are added
 * @throws Exception  propagated from the lookup helpers
 */
@SuppressWarnings("unchecked")
private void getTreeData(String basePath, boolean checkBox, String appendId, Map<String, Object> putObject,
        List<OrganizationVO> searchList, String parentOrgId) throws Exception {
    List<String> directChildIds = new LinkedList<String>();
    this.getChildOrgIdLevelOne(searchList, parentOrgId, directChildIds);
    if (directChildIds.isEmpty()) {
        return;
    }

    for (String childOrgId : directChildIds) {
        OrganizationVO current = this.getOrganizationFromSearchList(searchList, childOrgId, false);
        // presumably non-null only when this organization has children of its own;
        // the meaning of the boolean flag is not visible here - verify against the helper
        OrganizationVO descendantProbe = this.getOrganizationFromSearchList(searchList, childOrgId, true);
        if (current == null) {
            continue;
        }

        List<Map<String, Object>> siblings = (List<Map<String, Object>>) putObject.get("children");
        if (siblings == null) {
            siblings = new LinkedList<Map<String, Object>>();
        }

        String checkBoxHtml = checkBox ? getCheckBoxHtmlContent(current, appendId) : "";
        String label = checkBoxHtml
                + IconUtils.getMenuIcon(basePath, TREE_ICON_ID)
                + StringEscapeUtils.escapeHtml4(current.getName());

        Map<String, Object> node = new LinkedHashMap<String, Object>();
        node.put("id", current.getOid());
        node.put("name", label);
        node.put("orgId", current.getOrgId());
        siblings.add(node);
        putObject.put("children", siblings);

        if (descendantProbe == null) {
            node.put("type", "Leaf");
        } else {
            // descend with the new node as the parent map
            this.getTreeData(basePath, checkBox, appendId, node, searchList, childOrgId);
        }
    }
}
From source file:de.blizzy.documentr.search.PageIndex.java
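/**
 * Builds a spelling suggestion for {@code searchText}: every analyzed word for which the
 * spell checker knows a more popular term is replaced, and the result is returned only
 * if searching for the corrected text yields at least one hit.
 *
 * <p>The HTML form of the suggestion is produced by wrapping each replaced word in
 * unique text markers, HTML-escaping the <em>whole</em> string once, and then turning
 * the markers into {@code <strong><em>} tags. The original escaped the replacement word
 * before inserting it and then escaped the complete string again, which double-encoded
 * the suggested word; it is now escaped exactly once, together with the rest of the text.
 *
 * @param searchText     the text the user searched for
 * @param authentication passed to {@code findPages} for the verification search
 * @param searcher       index searcher used for the spell check and the verification search
 * @return the suggestion, or {@code null} when no word was replaced or the corrected
 *         text has no hits
 */
private SearchTextSuggestion getSearchTextSuggestion(String searchText, Authentication authentication,
        IndexSearcher searcher) throws IOException, ParseException, TimeoutException {

    List<WordPosition> words = Lists.newArrayList();
    TokenStream tokenStream = null;
    try {
        tokenStream = analyzer.tokenStream(ALL_TEXT_SUGGESTIONS, new StringReader(searchText));
        tokenStream.addAttribute(CharTermAttribute.class);
        tokenStream.addAttribute(OffsetAttribute.class);
        tokenStream.reset();
        while (tokenStream.incrementToken()) {
            CharTermAttribute charTerm = tokenStream.getAttribute(CharTermAttribute.class);
            String text = charTerm.toString();
            if (StringUtils.isNotBlank(text)) {
                OffsetAttribute offset = tokenStream.getAttribute(OffsetAttribute.class);
                words.add(new WordPosition(text, offset.startOffset(), offset.endOffset()));
            }
        }
        tokenStream.end();
    } finally {
        Closeables.closeQuietly(tokenStream);
    }

    // Replacements are applied to the word list in reverse order.
    Collections.reverse(words);

    StringBuilder suggestedSearchText = new StringBuilder(searchText);
    StringBuilder suggestedSearchTextHtml = new StringBuilder(searchText);
    boolean foundSuggestions = false;
    String now = String.valueOf(System.currentTimeMillis());
    // The markers contain no character that escapeHtml4 rewrites, so they survive the
    // escaping pass below unchanged.
    String startMarker = "__SUGGESTION-" + now + "__"; //$NON-NLS-1$ //$NON-NLS-2$
    String endMarker = "__/SUGGESTION-" + now + "__"; //$NON-NLS-1$ //$NON-NLS-2$
    DirectSpellChecker spellChecker = new DirectSpellChecker();
    IndexReader reader = searcher.getIndexReader();
    for (WordPosition word : words) {
        Term term = new Term(ALL_TEXT_SUGGESTIONS, word.getWord());
        SuggestWord[] suggestions = spellChecker.suggestSimilar(term, 1, reader,
                SuggestMode.SUGGEST_MORE_POPULAR);
        if (suggestions.length > 0) {
            String suggestedWord = suggestions[0].string;
            int start = word.getStart();
            int end = word.getEnd();
            suggestedSearchText.replace(start, end, suggestedWord);
            // Inserted raw on purpose: the complete string is escaped once further down.
            suggestedSearchTextHtml.replace(start, end, startMarker + suggestedWord + endMarker);
            foundSuggestions = true;
        }
    }

    if (foundSuggestions) {
        String suggestion = suggestedSearchText.toString();
        SearchResult suggestionResult = findPages(suggestion, 1, authentication, searcher);
        int suggestionTotalHits = suggestionResult.getTotalHits();
        if (suggestionTotalHits > 0) {
            // Escape everything (user text and suggested words) first, then add markup.
            String html = StringEscapeUtils.escapeHtml4(suggestedSearchTextHtml.toString())
                    .replaceAll(startMarker + "(.*?)" + endMarker, "<strong><em>$1</em></strong>"); //$NON-NLS-1$ //$NON-NLS-2$
            return new SearchTextSuggestion(suggestion, html, suggestionTotalHits);
        }
    }
    return null;
}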
From source file:net.java.sip.communicator.impl.gui.main.chat.ChatHtmlUtils.java
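/**
 * Creates the message tag.
 *
 * <p>The sender name is written into a double-quoted attribute and is HTML-escaped
 * first, so a name containing {@code "}, {@code <}, {@code >} or {@code &} cannot end
 * the attribute or open new markup. Plain-text message bodies are escaped as well.
 * A body whose content type is HTML is appended unchanged, so it must already be safe
 * markup when it arrives here - presumably sanitised by the caller; verify.
 *
 * @param messageID the identifier of the message
 * @param contactName the name of the sender
 * @param message the message content
 * @param contentType the content type (html or plain text)
 * @param date the date on which the message was sent
 * @param isEdited indicates if the given message has been edited
 * @param isHistory indicates if this is a message coming from history
 * @return the newly constructed message tag
 */
private static String createSimpleMessageTag(String messageID, String contactName, String message,
        String contentType, Date date, boolean isEdited, boolean isHistory) {
    StringBuilder messageTag = new StringBuilder();
    SimpleDateFormat sdf = new SimpleDateFormat(HistoryService.DATE_FORMAT);

    // escapeHtml4 covers & < > and ", which is what a double-quoted attribute needs.
    messageTag.append(String.format("<div id=\"%s\" %s=\"%s\" ", MESSAGE_TEXT_ID + messageID, NAME_ATTRIBUTE,
            StringEscapeUtils.escapeHtml4(contactName)));
    messageTag.append(DATE_ATTRIBUTE).append("=\"").append(sdf.format(date)).append("\" ");

    // The original text travels Base64-encoded in an attribute of the tag.
    final byte[] encodedMessageBytes = net.java.sip.communicator.util.Base64.encode(getMessageBytes(message));
    messageTag.append(String.format("%s=\"%s\" ", ORIGINAL_MESSAGE_ATTRIBUTE, new String(encodedMessageBytes)));
    messageTag.append(IncomingMessageStyle.createSingleMessageStyle(isHistory, isEdited, true));
    messageTag.append(">");

    if (HTML_CONTENT_TYPE.equalsIgnoreCase(contentType)) {
        messageTag.append(message);
    } else {
        messageTag.append(StringEscapeUtils.escapeHtml4(message));
    }

    if (isEdited) {
        messageTag.append(" ");
        messageTag.append(createEditedAt(date));
    }
    messageTag.append("</div>");
    return messageTag.toString();
}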
From source file:net.java.sip.communicator.impl.gui.main.chat.ChatConversationPanel.java
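/**
 * Processes the message given by the parameters.
 *
 * <p>Contact names and message titles that this method writes into markup itself are
 * passed through {@code StringEscapeUtils.escapeHtml4}. Message bodies go through
 * {@code formatMessageAsHTML}, whose output is inserted as HTML - it is assumed to
 * return safe markup; confirm against that method.
 *
 * @param chatMessage the message
 * @param keyword a substring of <tt>chatMessage</tt> to be highlighted upon
 * display of <tt>chatMessage</tt> in the UI
 * @param protocolProvider passed to {@code getContactAvatar}
 * @param contactAddress passed to {@code getContactAvatar} for incoming messages
 * @return the processed message; {@code null} when the message was appended as a
 * consecutive message; an empty string when the message type matches no branch
 */
public String processMessage(ChatMessage chatMessage, String keyword, ProtocolProviderService protocolProvider,
        String contactAddress) {
    // If this is a consecutive message don't go through the initiation
    // and just append it.
    if (isConsecutiveMessage(chatMessage)) {
        appendConsecutiveMessage(chatMessage, keyword);
        return null;
    }

    String contentType = chatMessage.getContentType();
    lastMessageTimestamp = chatMessage.getDate();
    String contactName = chatMessage.getContactName();
    String contactDisplayName = chatMessage.getContactDisplayName();
    if (contactDisplayName == null || contactDisplayName.trim().length() <= 0) {
        contactDisplayName = contactName;
    } else {
        // for some reason ' is not rendered correctly from our ui,
        // lets use its equivalent. Other similar chars(< > & ") seem ok.
        // The listing replaced ' with itself, which did nothing; the numeric
        // character reference is the equivalent the comment refers to.
        contactDisplayName = contactDisplayName.replace("'", "&#39;");
    }

    Date date = chatMessage.getDate();
    String messageType = chatMessage.getMessageType();
    String messageTitle = chatMessage.getMessageTitle();
    String message = chatMessage.getMessage();
    String chatString = "";
    String endHeaderTag = "";
    lastMessageUID = chatMessage.getMessageUID();

    if (messageType.equals(Chat.INCOMING_MESSAGE)) {
        this.lastIncomingMsgTimestamp = new Date();
        chatString = ChatHtmlUtils.createIncomingMessageTag(lastMessageUID, contactName, contactDisplayName,
                getContactAvatar(protocolProvider, contactAddress), date,
                formatMessageAsHTML(message, contentType, keyword),
                ChatHtmlUtils.HTML_CONTENT_TYPE, false, isSimpleTheme);
    } else if (messageType.equals(Chat.OUTGOING_MESSAGE)) {
        chatString = ChatHtmlUtils.createOutgoingMessageTag(lastMessageUID, contactName, contactDisplayName,
                getContactAvatar(protocolProvider), date,
                formatMessageAsHTML(message, contentType, keyword),
                ChatHtmlUtils.HTML_CONTENT_TYPE, false, isSimpleTheme);
    } else if (messageType.equals(Chat.HISTORY_INCOMING_MESSAGE)) {
        chatString = ChatHtmlUtils.createIncomingMessageTag(lastMessageUID, contactName, contactDisplayName,
                getContactAvatar(protocolProvider, contactAddress), date,
                formatMessageAsHTML(message, contentType, keyword),
                ChatHtmlUtils.HTML_CONTENT_TYPE, true, isSimpleTheme);
    } else if (messageType.equals(Chat.HISTORY_OUTGOING_MESSAGE)) {
        chatString = ChatHtmlUtils.createOutgoingMessageTag(lastMessageUID, contactName, contactDisplayName,
                getContactAvatar(protocolProvider), date,
                formatMessageAsHTML(message, contentType, keyword),
                ChatHtmlUtils.HTML_CONTENT_TYPE, true, isSimpleTheme);
    } else if (messageType.equals(Chat.SMS_MESSAGE)) {
        chatString = ChatHtmlUtils.createIncomingMessageTag(lastMessageUID, contactName, contactDisplayName,
                getContactAvatar(protocolProvider, contactAddress), date,
                ConfigurationUtils.isSmsNotifyTextDisabled()
                        ? formatMessageAsHTML(message, contentType, keyword)
                        : formatMessageAsHTML("SMS: " + message, contentType, keyword),
                ChatHtmlUtils.HTML_CONTENT_TYPE, false, isSimpleTheme);
    } else if (messageType.equals(Chat.STATUS_MESSAGE)) {
        chatString = "<div id=\"statusMessage\" date=\"" + date + "\""
                + " style=\"color: #8F8F8F; font-size: 8px;\">";
        endHeaderTag = "</div>";
        chatString += GuiUtils.formatTime(date) + " " + StringEscapeUtils.escapeHtml4(contactName) + " "
                + formatMessageAsHTML(message, contentType, keyword) + endHeaderTag;
    } else if (messageType.equals(Chat.ACTION_MESSAGE)) {
        chatString = "<p id=\"actionMessage\" date=\"" + date + "\">";
        endHeaderTag = "</p>";
        chatString += "* " + GuiUtils.formatTime(date) + " " + StringEscapeUtils.escapeHtml4(contactName) + " "
                + formatMessageAsHTML(message, contentType, keyword) + endHeaderTag;
    } else if (messageType.equals(Chat.SYSTEM_MESSAGE)) {
        String startSystemDivTag = "<DIV id=\"systemMessage\" style=\"color:#627EB7;\">";
        String endDivTag = "</DIV>";
        chatString += startSystemDivTag + formatMessageAsHTML(message, contentType, keyword) + endDivTag;
    } else if (messageType.equals(Chat.ERROR_MESSAGE)) {
        chatString = "<h6 id=\"" + ChatHtmlUtils.MESSAGE_HEADER_ID + "\" date=\"" + date + "\">";
        endHeaderTag = "</h6>";
        String errorIcon = "<IMG SRC=\"" + ImageLoader.getImageUri(ImageLoader.EXCLAMATION_MARK)
                + "\"></IMG>";
        // If the message title is null do not show it and show the error
        // icon on the same line as the actual error message.
        if (messageTitle != null) {
            chatString += errorIcon + StringEscapeUtils.escapeHtml4(messageTitle) + endHeaderTag + "<h5>"
                    + formatMessageAsHTML(message, contentType, keyword) + "</h5>";
        } else {
            chatString += endHeaderTag + "<h5>" + errorIcon + " "
                    + formatMessageAsHTML(message, contentType, keyword) + "</h5>";
        }
    }
    return chatString;
}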
From source file:gov.nih.nci.cadsr.cadsrpasswordchange.core.MainServlet.java
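/**
 * Saves the three security questions and answers submitted with the request, after
 * checking the account status, the submitted values and the user's credentials.
 *
 * <p>Flow: require an existing session; read the parameters; validate the account
 * status; reject answers that contain characters HTML escaping would rewrite; reject
 * over-long values; verify the credentials (expired accounts and regular accounts use
 * different checks); validate the question/answer set; store it; invalidate the
 * session and redirect.
 *
 * <p>Changes compared with the listed version:
 * <ul>
 *   <li>security answers are no longer written to the log - they are credentials used
 *       for account recovery;</li>
 *   <li>an exception during the credential check of an expired account is no longer
 *       swallowed. Previously it was printed and execution continued to the save step
 *       without a completed credential check; it now propagates to the outer handler,
 *       so nothing is saved;</li>
 *   <li>{@code disconnect()} runs in a {@code finally} block on both credential paths.</li>
 * </ul>
 *
 * @param req  the request carrying {@code userid}, {@code password},
 *             {@code question1..3} and {@code answer1..3}
 * @param resp the response used for redirects and forwards
 */
protected void doSaveQuestions(HttpServletRequest req, HttpServletResponse resp)
        throws ServletException, Exception {
    logger.info("doSaveQuestions");
    try {
        // CADSRPASSW-43: reuse the existing session, never create one here
        HttpSession session = req.getSession(false);
        if (session == null) {
            logger.debug("null session");
            // this shouldn't happen, make the user start over
            resp.sendRedirect("./jsp/loggedOut.jsp");
            return;
        }

        int paramCount = 0;
        String loginID = req.getParameter("userid"); // CADSRPASSW-40
        if (loginID != null) {
            loginID = loginID.toUpperCase();
        }
        String question1 = req.getParameter("question1");
        String answer1 = req.getParameter("answer1");
        String question2 = req.getParameter("question2");
        String answer2 = req.getParameter("answer2");
        String question3 = req.getParameter("question3");
        String answer3 = req.getParameter("answer3");

        // begin - CADSRPASSW-73
        String status = "";
        try {
            logger.info("doSaveQuestions: checking account status ...");
            status = doValidateAccountStatus(loginID, session, req, resp, "./jsp/setupPassword.jsp");
            logger.debug("doSaveQuestions: account status check done");
        } catch (Exception e1) {
            logger.debug("doSaveQuestions: account status was: [" + status + "]");
            if (status != null && status.equals("")) {
                session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                        Messages.getString("PasswordChangeHelper.101"));
                resp.sendRedirect("./jsp/setupPassword.jsp");
                return;
            } else {
                logger.debug("doSaveQuestions: account status check error was: " + e1.getMessage());
                e1.printStackTrace();
            }
        }
        // end - CADSRPASSW-73

        if (status.indexOf(Constants.LOCKED_STATUS) > -1) {
            logger.debug("doSaveQuestions:status [" + status + "] returning without doing anything ...");
            return;
        }

        // "remember" the questions selected by the user
        String selectedQ[] = { question1, question2, question3 };
        handleQuestionsOptions(req, selectedQ);

        req.getSession().setAttribute("userid", loginID); // CADSRPASSW-40
        session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE, "");
        UserBean userBean = (UserBean) session.getAttribute(UserBean.USERBEAN_SESSION_ATTRIBUTE);
        String password = req.getParameter("password");

        // xss prevention: reject any answer that HTML escaping would change. This is
        // input validation only; wherever the values are displayed they still need
        // output encoding.
        // NOTE(review): a missing answer parameter is null here and the comparison
        // throws NullPointerException, which ends in the outer catch with no response
        // sent to the user - decide how a missing parameter should be reported.
        if (!StringEscapeUtils.escapeHtml4(answer1).equals(answer1)
                || !StringEscapeUtils.escapeHtml4(answer2).equals(answer2)
                || !StringEscapeUtils.escapeHtml4(answer3).equals(answer3)) {
            logger.debug("invalid character failed during questions/answers save");
            session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                    Messages.getString("PasswordChangeHelper.160"));
            req.getRequestDispatcher("./jsp/setupPassword.jsp").forward(req, resp);
            return;
        }

        // DoS attack using string length overflow: a value that truncation would
        // shorten is rejected.
        if (!CommonUtil.truncate(answer1, Constants.MAX_ANSWER_LENGTH).equals(answer1)
                || !CommonUtil.truncate(answer2, Constants.MAX_ANSWER_LENGTH).equals(answer2)
                || !CommonUtil.truncate(answer3, Constants.MAX_ANSWER_LENGTH).equals(answer3)
                || !CommonUtil.truncate(question1, Constants.MAX_ANSWER_LENGTH).equals(question1)
                || !CommonUtil.truncate(question2, Constants.MAX_ANSWER_LENGTH).equals(question2)
                || !CommonUtil.truncate(question3, Constants.MAX_ANSWER_LENGTH).equals(question3)) {
            logger.debug("invalid answer(s) length during questions/answers save");
            session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                    Messages.getString("PasswordChangeHelper.112"));
            req.getRequestDispatcher("./jsp/setupPassword.jsp").forward(req, resp);
            return;
        }

        logger.debug("saveQuestions:username " + loginID); // CADSRPASSW-54 CADSRPASSW-82

        // CADSRPASSW-49
        if (status != null && status.indexOf(Constants.EXPIRED_STATUS) > -1) {
            connect();
            try {
                PasswordChangeDAO userDAO = new PasswordChangeDAO(datasource);
                if (!userDAO.checkValidUser(loginID)) {
                    // incorrect user id
                    session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                            Messages.getString("PasswordChangeHelper.101"));
                    req.getRequestDispatcher("./jsp/setupPassword.jsp").forward(req, resp);
                    return;
                }
                // CADSRPASSW-82
                if (!ConnectionUtil.isExpiredAccount(loginID, password)) {
                    // meaning incorrect password
                    session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                            Messages.getString("PasswordChangeHelper.102"));
                    req.getRequestDispatcher("./jsp/setupPassword.jsp").forward(req, resp);
                    return;
                }
                // No catch here on purpose: a failure of the check must stop the save.
                // It is reported by the outer handler.
            } finally {
                disconnect();
            }
        } else {
            connect();
            try {
                PasswordChangeDAO loginDAO = new PasswordChangeDAO(datasource);
                userBean = loginDAO.checkValidUser(loginID, password);
            } finally {
                disconnect();
            }
            session.setAttribute(UserBean.USERBEAN_SESSION_ATTRIBUTE, userBean);
            logger.debug("validUser" + userBean.isLoggedIn());
            logger.debug("resultCode " + userBean.getResult().getResultCode().toString());
            if (!userBean.isLoggedIn()) {
                logger.debug("auth failed during questions/answers save");
                if (userBean.getResult().getResultCode() != ResultCode.LOCKED_OUT) {
                    session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                            Messages.getString("PasswordChangeHelper.102"));
                } else {
                    session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                            Messages.getString("PasswordChangeHelper.103"));
                }
                req.getRequestDispatcher("./jsp/setupPassword.jsp").forward(req, resp);
                return;
            }
        }

        // Security enhancement: the three questions must differ. Using them as map keys
        // collapses duplicates, so fewer keys than questions means a repeat.
        Map<String, String> userQuestions = new HashMap<String, String>();
        userQuestions.put(question1, "");
        userQuestions.put(question2, "");
        userQuestions.put(question3, "");
        if (question1 != null && !question1.equals("")) {
            paramCount++;
        }
        if (question2 != null && !question2.equals("")) {
            paramCount++;
        }
        if (question3 != null && !question3.equals("")) {
            paramCount++;
        }
        if (userQuestions.size() < TOTAL_QUESTIONS && paramCount == TOTAL_QUESTIONS) {
            logger.debug("security Q&A validation failed");
            session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                    Messages.getString("PasswordChangeHelper.135"));
            req.getRequestDispatcher("./jsp/setupPassword.jsp").forward(req, resp);
            return;
        }

        userQuestions = new HashMap<String, String>();
        Map<String, String> userAnswers = new HashMap<String, String>();
        // NOTE(review): in the listing only the question is stored conditionally; the
        // answer is stored in every case because the if has no braces. Kept as listed -
        // confirm whether the answer was meant to be conditional as well.
        if (question1 != null && !question1.equals("") && answer1 != null && !answer1.equals("")) {
            userQuestions.put(Constants.Q1, question1);
        }
        userAnswers.put(Constants.A1, answer1);
        if (question2 != null && !question2.equals("") && answer2 != null && !answer2.equals("")) {
            userQuestions.put(Constants.Q2, question2);
        }
        userAnswers.put(Constants.A2, answer2);
        if (question3 != null && !question3.equals("") && answer3 != null && !answer3.equals("")) {
            userQuestions.put(Constants.Q3, question3);
        }
        userAnswers.put(Constants.A3, answer3);

        // The answers themselves are deliberately kept out of the log.
        logger.debug("saving request: security questions for " + loginID);

        if (Messages.getString("PasswordChangeHelper.125").equals(PasswordChangeHelper
                .validateSecurityQandA(TOTAL_QUESTIONS, loginID, userQuestions, userAnswers))) {
            logger.debug("security Q&A validation failed");
            session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                    Messages.getString("PasswordChangeHelper.125"));
            req.getRequestDispatcher("./jsp/setupPassword.jsp").forward(req, resp);
            return;
        }
        if (!PasswordChangeHelper.validateQuestionsLength(TOTAL_QUESTIONS, userQuestions, userAnswers)) {
            logger.debug("security Q&A validation failed");
            session.setAttribute(ERROR_MESSAGE_SESSION_ATTRIBUTE,
                    Messages.getString("PasswordChangeHelper.150"));
            req.getRequestDispatcher("./jsp/setupPassword.jsp").forward(req, resp);
            return;
        }

        logger.info("saving request: user provided " + userQuestions.size() + " question(s) and "
                + userAnswers.size() + " answer(s)");
        saveUserStoredQna(loginID, userQuestions, userAnswers);

        session.setAttribute(Constants.USERNAME, loginID);
        session.invalidate();
        resp.sendRedirect(Constants.SETUP_SAVED_URL);
    } catch (Throwable theException) {
        // NOTE(review): every failure ends here and is only logged; the client gets no
        // redirect or error page in that case.
        logger.error(theException);
    }
}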
From source file:com.denimgroup.threadfix.importer.impl.AbstractChannelImporter.java
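/**
 * Returns the channel vulnerability for a scanner-specific code, creating a new one when the
 * DAO has no record for the current channel type.
 *
 * <p>Results are kept in {@code channelVulnerabilityMap}, which is initialised through
 * {@code initializeMaps()} on first use.
 *
 * @param code channel vulnerability's code
 * @return the cached, retrieved or newly created vulnerability, or {@code null} when the
 *         channel type or {@code code} is {@code null}
 */
protected ChannelVulnerability getChannelVulnerability(String code) {
    assert channelVulnerabilityDao != null;

    if (getChannelType() == null || code == null) {
        return null;
    }

    if (channelVulnerabilityMap == null) {
        initializeMaps();
        assert channelVulnerabilityMap != null;
    }

    if (channelVulnerabilityMap.containsKey(code)) {
        return channelVulnerabilityMap.get(code);
    }

    ChannelVulnerability vuln = channelVulnerabilityDao.retrieveByCode(getChannelType(), code);

    // The code is presumably read from an imported scan file, so it is treated as untrusted.
    // escapeHtml4 only rewrites HTML metacharacters; CR and LF pass through unchanged and would
    // let one value span several log lines, so they are replaced before the value is logged.
    String loggableCode = StringEscapeUtils.escapeHtml4(code).replace('\r', '_').replace('\n', '_');

    if (vuln == null) {
        if (getChannelType() != null) {
            log.info("A " + getChannelType().getName() + " channel vulnerability with code "
                    + loggableCode + " was requested but not found. "
                    + "Creating new ChannelVulnerability.");
        }
        vuln = createNewChannelVulnerability(getChannelType(), code);
    } else {
        // NOTE(review): the message says "no generic mapping" but is logged when hasMappings()
        // returns true; the condition looks inverted. Confirm against the DAO contract.
        if (channelVulnerabilityDao.hasMappings(vuln.getId())) {
            log.info("The " + getChannelType().getName() + " channel vulnerability with code "
                    + loggableCode + " has no generic mapping.");
        }
    }

    // The raw code stays the cache key; only the logged copy is neutralised.
    channelVulnerabilityMap.put(code, vuln);
    return vuln;
}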
From source file:net.java.sip.communicator.impl.gui.main.chat.ChatHtmlUtils.java
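/**
 * Creates the message tag.
 *
 * <p>The tag is a {@code <div>} whose attributes carry the message id, the sender name, the
 * formatted date and the Base64-encoded original message, followed by the message body and,
 * for edited messages, the "edited at" marker.
 *
 * @param messageID the identifier of the message
 * @param contactName the name of the sender
 * @param message the message content
 * @param contentType the content type (html or plain text)
 * @param date the date on which the message was sent
 * @param isEdited indicates if the given message has been edited
 * @param isHistory indicates if this is a message coming from history
 * @return the newly constructed message tag
 */
private static String createAdvancedMessageTag(String messageID, String contactName, String message,
        String contentType, Date date, boolean isEdited, boolean isHistory) {
    StringBuilder messageTag = new StringBuilder();
    SimpleDateFormat sdf = new SimpleDateFormat(HistoryService.DATE_FORMAT);

    // messageID and contactName are written into double-quoted attribute values. Both can
    // originate from the remote party, so they are HTML-escaped: a quote or angle bracket in
    // either one would otherwise close the attribute and add markup to the chat document.
    // This assumes the renderer decodes character references in attribute values when the
    // id or name is read back (TODO confirm for the chat document in use).
    messageTag.append(String.format("<div id=\"%s\" %s=\"%s\" ",
            MESSAGE_TEXT_ID + StringEscapeUtils.escapeHtml4(messageID), NAME_ATTRIBUTE,
            StringEscapeUtils.escapeHtml4(contactName)));
    messageTag.append(DATE_ATTRIBUTE).append("=\"").append(sdf.format(date)).append("\" ");

    // The original text is stored Base64-encoded, so it needs no escaping inside the attribute.
    final byte[] encodedMessageBytes =
            net.java.sip.communicator.util.Base64.encode(getMessageBytes(message));
    messageTag.append(String.format("%s=\"%s\" ", ORIGINAL_MESSAGE_ATTRIBUTE,
            new String(encodedMessageBytes)));
    messageTag.append(IncomingMessageStyle.createSingleMessageStyle(isHistory, isEdited, false));
    messageTag.append(">");

    if (HTML_CONTENT_TYPE.equalsIgnoreCase(contentType)) {
        // NOTE(review): HTML content is appended verbatim, so any sanitising of remote HTML
        // has to happen before this method is called. Confirm with the callers.
        messageTag.append(message);
    } else {
        messageTag.append(StringEscapeUtils.escapeHtml4(message));
    }

    if (isEdited) {
        messageTag.append(" ");
        messageTag.append(createEditedAt(date));
    }
    messageTag.append("</div>");
    return messageTag.toString();
}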
From source file:com.netsteadfast.greenstep.bsc.service.logic.impl.EmployeeLogicServiceImpl.java
/**
 * Builds the top level of the employee tree and hands every top-level entry to the
 * four-argument {@code getTreeData} overload.
 *
 * <p>An employee becomes a top-level entry when its {@code supOid} is blank or equals
 * {@code BscConstants.EMPLOYEE_HIER_ZERO_OID}. The {@code "name"} value is markup: the icon
 * returned by {@code IconUtils.getMenuIcon} followed by the HTML-escaped display name.
 *
 * @param basePath passed to {@code IconUtils.getMenuIcon} and to the overload
 * @return the top-level entries; empty when {@code findForJoinHier()} returns nothing
 * @throws ServiceException declared by the service interface
 * @throws Exception declared by the service interface
 */
@ServiceMethodAuthority(type = { ServiceMethodType.SELECT })
@Override
public List<Map<String, Object>> getTreeData(String basePath) throws ServiceException, Exception {
    List<Map<String, Object>> roots = new LinkedList<Map<String, Object>>();
    List<EmployeeVO> employees = this.getEmployeeService().findForJoinHier();
    if (employees == null || employees.isEmpty()) {
        return roots;
    }

    for (EmployeeVO employee : employees) {
        // Skip everyone whose supOid is set to something other than the zero OID.
        if (!super.isBlank(employee.getSupOid())
                && !BscConstants.EMPLOYEE_HIER_ZERO_OID.equals(employee.getSupOid())) {
            continue;
        }
        Map<String, Object> rootNode = new LinkedHashMap<String, Object>();
        rootNode.put("type", "parent");
        rootNode.put("id", employee.getOid());
        // The display name is escaped because this value is emitted as markup next to the icon.
        String escapedName = StringEscapeUtils.escapeHtml4(this.getTreeShowName(employee));
        rootNode.put("name", IconUtils.getMenuIcon(basePath, TREE_ICON_ID) + escapedName);
        rootNode.put("oid", employee.getOid());
        roots.add(rootNode);
    }

    // Let the overload process each top-level entry together with the full employee list.
    for (Map<String, Object> rootNode : roots) {
        String rootOid = (String) rootNode.get("oid");
        this.getTreeData(basePath, rootNode, employees, rootOid);
    }
    return roots;
}
From source file:com.netsteadfast.greenstep.util.MenuSupportUtils.java
/**
 * Builds the menu tree as nested maps: system, then folder, then menu item.
 *
 * <p>Each node's {@code "label"} is markup: the icon from {@code IconUtils.getMenuIcon}
 * followed by the HTML-escaped localized name. The {@code "name"} value holds the same name
 * unescaped, so a consumer that writes it into a page has to encode it itself.
 *
 * @param basePath passed to {@code IconUtils.getMenuIcon} for every label
 * @param sysList systems to build nodes for
 * @param localeCode locale used for the names; replaced by
 *        {@code LocaleLanguageUtils.getDefault()} when {@code LocaleLanguageUtils.getMap()}
 *        has no entry for it
 * @return one node per system that has at least one folder with menu items
 * @throws ServiceException declared in the signature
 * @throws Exception declared in the signature
 */
public static List<Map<String, Object>> getMenuTreeJsonData(String basePath, List<TbSys> sysList,
        String localeCode) throws ServiceException, Exception {
    if (LocaleLanguageUtils.getMap().get(localeCode) == null) {
        localeCode = LocaleLanguageUtils.getDefault();
    }

    List<Map<String, Object>> tree = new LinkedList<Map<String, Object>>();
    for (TbSys sys : sysList) {
        List<SysMenuVO> allMenus = loadSysMenuData(sys.getSysId());
        if (allMenus == null || allMenus.isEmpty()) {
            continue;
        }

        String systemName = getSystemMultiName(sys, localeCode);
        Map<String, Object> systemNode = new HashMap<String, Object>();
        systemNode.put("id", sys.getSysId());
        systemNode.put("progId", sys.getSysId());
        systemNode.put("name", systemName);
        systemNode.put("type", MenuItemType.FOLDER);
        systemNode.put("onclick", " ");
        systemNode.put("label",
                IconUtils.getMenuIcon(basePath, sys.getIcon()) + StringEscapeUtils.escapeHtml4(systemName));

        List<Map<String, Object>> folderNodes = new LinkedList<Map<String, Object>>();
        for (SysMenuVO folder : searchFolder(allMenus)) {
            List<SysMenuVO> folderItems = searchItem(folder.getOid(), allMenus);
            if (folderItems == null || folderItems.isEmpty()) {
                // Folders without menu items are left out of the tree.
                continue;
            }

            String folderName = getProgramMultiName(folder, localeCode);
            Map<String, Object> folderNode = new HashMap<String, Object>();
            folderNode.put("id", folder.getOid());
            folderNode.put("progId", folder.getProgId());
            folderNode.put("name", folderName);
            folderNode.put("type", folder.getItemType());
            folderNode.put("onclick", " ");
            folderNode.put("label", IconUtils.getMenuIcon(basePath, folder.getIcon())
                    + StringEscapeUtils.escapeHtml4(folderName));

            List<Map<String, Object>> itemNodes = new LinkedList<Map<String, Object>>();
            for (SysMenuVO item : folderItems) {
                String itemName = getProgramMultiName(item, localeCode);
                Map<String, Object> itemNode = new HashMap<String, Object>();
                itemNode.put("id", item.getOid());
                itemNode.put("progId", item.getProgId());
                itemNode.put("name", itemName);
                itemNode.put("type", item.getItemType());
                itemNode.put("parent", item.getParentOid());
                // NOTE(review): progId is concatenated into what looks like a script call and is
                // not encoded here; presumably it is restricted to identifier characters where
                // programs are registered. Confirm before it is written into a handler attribute.
                itemNode.put("onclick", item.getProgId() + "_TabShow()");
                itemNode.put("label", IconUtils.getMenuIcon(basePath, item.getIcon())
                        + StringEscapeUtils.escapeHtml4(itemName));
                itemNodes.add(itemNode);
            }
            folderNode.put("children", itemNodes);
            folderNodes.add(folderNode);
        }

        // A system appears in the result only when it has at least one populated folder.
        if (!folderNodes.isEmpty()) {
            systemNode.put("children", folderNodes);
            tree.add(systemNode);
        }
    }
    return tree;
}