RuleOperation.jsp 7.56 KB

Raw Blame History Permalink

<%@ page language="java" contentType="text/html; charset=UTF-8" %>
<%@ include file="/templetecheck/filecheck/CheckUserIsSysadmin.jsp" %>
<%@ page import="weaver.conn.RecordSet" %>
<%@ page import="weaver.general.Util" %>
<%@ page import="java.net.URLDecoder" %>
<%@ page import="java.util.regex.Pattern" %>
<%@ page import="java.util.regex.PatternSyntaxException" %>
<jsp:useBean id="rs" class="weaver.conn.RecordSet" scope="page"/>
<%!
    private String checkContent(String rulefrom, String content, String method, String flageid,String contenttype) {
        try {
            Pattern p = Pattern.compile(content);
        } catch (PatternSyntaxException e) {
            return "pse";
        }
        String table = "";
        if ("specialfilecheck".equalsIgnoreCase(rulefrom)) {
            table = "upgradecheckrule";
        } else if ("mode".equalsIgnoreCase(rulefrom)) {
            table = "upgradecheckmoderule";
        } else if ("mobilemode".equalsIgnoreCase(rulefrom)) {
            table = "checkmobilemoderule";
        } else {
            table = "upgradecheckworkflowrule";
        }
        RecordSet rs = new RecordSet();
        if(rs.getDBType().toLowerCase().equals("mysql")){
            content=content.replaceAll("\\\\","\\\\\\\\");
        }
        String sql = "select * from " + table+ " WHERE content='" + content + "' and contenttype='"+contenttype+"'";
        if ("edit".equals(method)) {
            sql += " and id not in(" + flageid + ")";
        }
        rs.execute(sql);
        if (rs.next()) {
            return "NO";
        }
        return "OK";
    }
%>
<%
    String name = Util.null2String(request.getParameter("name"));
    String description = Util.null2String(request.getParameter("description"));
    String content = URLDecoder.decode(Util.null2String(request.getParameter("content")), "UTF-8");
    String flageid = Util.null2String(request.getParameter("flageid"));
    String replacecontent = URLDecoder.decode(Util.null2String(request.getParameter("replacecontent")), "UTF-8").trim();
    String checktype = Util.null2String(request.getParameter("checktype"));
    String ruletype = Util.null2String(request.getParameter("ruletype"));
    String method = Util.null2String(request.getParameter("method"));
    String version = Util.null2String(request.getParameter("version"));
    String rulefrom = Util.null2String(request.getParameter("rulefrom"));
    String contenttype = Util.null2String(request.getParameter("contenttype"));
    boolean res = false;
    String check = "";
    if (flageid.endsWith(",")) {
        flageid = flageid.substring(0, flageid.length() - 1);
    }
    if ("delete".equals(method)) {
        String deleteSql = "";
        if ("specialfilecheck".equalsIgnoreCase(rulefrom)) {
            deleteSql = "delete from upgradecheckrule where id in (" + flageid + ")";
        } else if ("mode".equalsIgnoreCase(rulefrom)) {
            deleteSql = "delete from upgradecheckmoderule where id in (" + flageid + ")";
        } else if ("mobilemode".equalsIgnoreCase(rulefrom)) {
            deleteSql = "delete from checkmobilemoderule where id in (" + flageid + ")";
        } else {
            deleteSql = "delete from upgradecheckworkflowrule where id in (" + flageid + ")";
        }
        res = rs.execute(deleteSql);
        if (res) {
            out.print("{\"status\":\"ok\"}");
        } else {
            out.print("{\"status\":\"no\"}");
        }
    } else {

        check = checkContent(rulefrom, content, method, flageid,contenttype);
        if(rs.getDBType().toLowerCase().equals("mysql")){
            content=content.replaceAll("\\\\","\\\\\\\\");
        }
        if ("add".equals(method)) {
            if ("OK".equals(check)) {
                String insertSql = "";
                if ("specialfilecheck".equalsIgnoreCase(rulefrom)) {
                    insertSql = "insert into upgradecheckrule(rulename,ruledesc,ruletype,checktype,content,replacecontent,version) values ('" + name + "','" + description + "','" + ruletype + "','" + checktype + "','" + content + "','" + replacecontent + "','" + version + "')";
                } else if ("mode".equalsIgnoreCase(rulefrom)) {
                    insertSql = "insert into upgradecheckmoderule(rulename,ruledesc,ruletype,checktype,content,replacecontent,version,contenttype) values ('" + name + "','" + description + "','" + ruletype + "','" + checktype + "','" + content + "','" + replacecontent + "','" + version + "','" + contenttype + "')";
                } else if ("mobilemode".equalsIgnoreCase(rulefrom)) {
                    insertSql = "insert into checkmobilemoderule(rulename,ruledesc,ruletype,checktype,content,replacecontent,version,contenttype) values ('" + name + "','" + description + "','" + ruletype + "','" + checktype + "','" + content + "','" + replacecontent + "','" + version + "','" + contenttype + "')";
                } else {
                    insertSql = "insert into upgradecheckworkflowrule(rulename,ruledesc,ruletype,checktype,content,replacecontent,version) values ('" + name + "','" + description + "','" + ruletype + "','" + checktype + "','" + content + "','" + replacecontent + "','" + version + "')";
                }
                res = rs.executeSql(insertSql);
            }
        } else {
            if ("OK".equals(check)) {
                String updateSql = "";
                if ("specialfilecheck".equalsIgnoreCase(rulefrom)) {
                    updateSql = "update upgradecheckrule set rulename='" + name + "',ruledesc='" + description + "',ruletype='" + ruletype + "',checktype='" + checktype + "',content='" + content + "',replacecontent='" + replacecontent + "',version='" + version + "' where id='" + flageid + "'";
                } else if ("mode".equalsIgnoreCase(rulefrom)) {
                    updateSql = "update upgradecheckmoderule set rulename='" + name + "',ruledesc='" + description + "',ruletype='" + ruletype + "',checktype='" + checktype + "',content='" + content + "',replacecontent='" + replacecontent + "',version='" + version + "',contenttype='" + contenttype + "' where id='" + flageid + "'";
                } else if ("mobilemode".equalsIgnoreCase(rulefrom)) {
                    updateSql = "update checkmobilemoderule set rulename='" + name + "',ruledesc='" + description + "',ruletype='" + ruletype + "',checktype='" + checktype + "',content='" + content + "',replacecontent='" + replacecontent + "',version='" + version + "',contenttype='" + contenttype + "' where id='" + flageid + "'";
                } else {
                    updateSql = "update upgradecheckworkflowrule set rulename='" + name + "',ruledesc='" + description + "',ruletype='" + ruletype + "',checktype='" + checktype + "',content='" + content + "',replacecontent='" + replacecontent + "',version='" + version + "' where id='" + flageid + "'";
                }
                res = rs.execute(updateSql);
            }
        }
        if (res) {
            out.print("{\"status\":\"ok\"}");
        } else if (!"".equals(check)) {
            if ("pse".equals(check)) {
                if ("add".equals(method)) {
                    out.print("{\"status\":\"addPse\"}");
                } else {
                    out.print("{\"status\":\"updatePse\"}");
                }
            } else if ("add".equals(method)) {
                out.print("{\"status\":\"addNoCheck\"}");
            } else {
                out.print("{\"status\":\"updateNoCheck\"}");
            }
        } else {
            if ("add".equals(method)) {
                out.print("{\"status\":\"adderror\"}");
            } else {
                out.print("{\"status\":\"updateerror\"}");
            }
        }
    }
%>