alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  

What this is

This file is included in the DevDaily.com "Java Source Code Warehouse" project. The intent of this project is to help you "Learn Java by Example" TM.

Other links

The source code

/*
 * $Header: /cvsroot/mvnforum/mvnforum/src/com/mvnforum/user/AttachmentWebHandler.java,v 1.48 2005/01/28 08:11:03 minhnn Exp $
 * $Author: minhnn $
 * $Revision: 1.48 $
 * $Date: 2005/01/28 08:11:03 $
 *
 * ====================================================================
 *
 * Copyright (C) 2002-2005 by MyVietnam.net
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or any later version.
 *
 * All copyright notices regarding mvnForum MUST remain intact
 * in the scripts and in the outputted HTML.
 * The "powered by" text/logo with a link back to
 * http://www.mvnForum.com and http://www.MyVietnam.net in the
 * footer of the pages MUST remain visible when the pages
 * are viewed on the internet or intranet.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 *
 * Support can be obtained from support forums at:
 * http://www.mvnForum.com/mvnforum/index
 *
 * Correspondence and Marketing Questions can be sent to:
 * info@MyVietnam.net
 *
 * @author: Minh Nguyen  minhnn@MyVietnam.net
 * @author: Mai  Nguyen  mai.nh@MyVietnam.net
 */
package com.mvnforum.user;

import java.io.*;
import java.sql.Timestamp;
import java.util.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.mvnforum.*;
import com.mvnforum.auth.*;
import com.mvnforum.common.AttachmentUtil;
import com.mvnforum.db.*;
import com.mvnforum.search.post.PostIndexer;
import net.myvietnam.mvncore.exception.*;
import net.myvietnam.mvncore.fileupload.*;
import net.myvietnam.mvncore.filter.DisableHtmlTagFilter;
import net.myvietnam.mvncore.interceptor.InterceptorService;
import net.myvietnam.mvncore.util.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

class AttachmentWebHandler {

    private static Log log = LogFactory.getLog(AttachmentWebHandler.class);

    private OnlineUserManager userManager = OnlineUserManager.getInstance();

    AttachmentWebHandler() {
    }

    public void prepareAdd(HttpServletRequest request)
        throws BadInputException, DatabaseException, ObjectNotFoundException,
        AuthenticationException, AssertionException {
        Locale locale = I18nUtil.getLocaleInRequest(request);
        if (MVNForumConfig.getEnableAttachment() == false) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.attachment_is_disabled");
            throw new AssertionException(localizedMessage);
            //throw new AssertionException("Cannot add Attachment because Attachment feature is disabled by administrator.");
        }

        OnlineUser onlineUser = userManager.getOnlineUser(request);
        MVNForumPermission permission = onlineUser.getPermission();
        /* was: permission.ensureIsAuthenticated();
         * That didn't allow guests to add attachments even if admin tried to
         * explicitly allow them to. So, we only need ensureCanAddAttachment(forumID),
         * and the admin will be responsible if he gets flooded (as he has to
         * explicitly allow them that anyway).
         * Same goes for processAdd() method below.
         */

        // primary key column(s)
        int postID  = ParamUtil.getParameterInt(request, "post");

        PostBean postBean = null;
        try {
            postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
        } catch (ObjectNotFoundException ex) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.postid_not_exists", new Object[] {new Integer(postID)});
            throw new ObjectNotFoundException(localizedMessage);
        }

        int forumID       = postBean.getForumID();
        permission.ensureCanAddAttachment(forumID);

        ForumCache.getInstance().getBean(forumID).ensureNotDisabledForum();

        int logonMemberID = onlineUser.getMemberID();
        int authorID      = postBean.getMemberID();

        // check constraint
        if (permission.canEditPost(forumID)) {//@todo is this the correct permission checking ??? Igor: yes it is
            // have permission, just do nothing, that is dont check the max day contraint
        } else if ( (logonMemberID==authorID) && onlineUser.isMember() ) {
            // same author, but not guest
            Timestamp now = DateUtil.getCurrentGMTTimestamp();
            // check date here, usually must not older than 1 days
            Timestamp postDate = postBean.getPostCreationDate();
            int maxDays = MVNForumConfig.getMaxAttachDays();
            if ( (now.getTime() - postDate.getTime()) > (DateUtil.DAY * maxDays) ) {
                /** @todo choose a better Exception here */
                String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.attach_into_old_post", new Object[] {new Integer(maxDays)});
                throw new BadInputException(localizedMessage);
                //throw new BadInputException("You cannot attach a file to a post which is older than " + maxDays + " days.");
            }
            /** @todo check status of first post of thread always enable */
            if (postBean.getPostStatus() == PostBean.POST_STATUS_DISABLED) {
                //@todo : localize me
                throw new BadInputException("Cannot attach a file to disabled post.");
            }
        } else {//not an author, so this user must have Edit Permission
            //@todo is this the correct permission checking ??? Igor: yes it is
            permission.ensureCanEditPost(forumID);// this method ALWAYS throws AuthenticationException
        }

        request.setAttribute("PostBean", postBean);
    }

    void processAdd(HttpServletRequest request, HttpServletResponse response)
        throws BadInputException, CreateException, DatabaseException, IOException, ForeignKeyNotFoundException,
        AuthenticationException, AssertionException, ObjectNotFoundException, InterceptorException {
        Locale locale = I18nUtil.getLocaleInRequest(request);

        if (MVNForumConfig.getEnableAttachment() == false) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.attachment_is_disabled");
            throw new AssertionException(localizedMessage);
            //throw new AssertionException("Cannot add Attachment because Attachment feature is disabled by administrator.");
        }

        OnlineUser onlineUser = userManager.getOnlineUser(request);
        MVNForumPermission permission = onlineUser.getPermission();
        /* was: permission.ensureIsAuthenticated();
         * See prepareAdd() method above.
         */

        MyUtil.saveVNTyperMode(request, response);

        String tempDir = MVNForumConfig.getTempDir();
        log.debug("AttachmentWebHandler : process upload with temp dir = " + tempDir);

        FileUpload fileUpload = new FileUpload();
        if (permission.canAdminSystem()) {
            // Admin can upload with umlimited size
            fileUpload.setSizeMax( -1);
        } else {
            fileUpload.setSizeMax(MVNForumConfig.getMaxAttachmentSize());
        }
        fileUpload.setSizeThreshold(100000);// max memory used = 100K
        fileUpload.setRepositoryPath(tempDir);
        List fileItems;
        try {
            fileItems = fileUpload.parseRequest(request);
        } catch (FileUploadException ex) {
            log.error("Cannot upload", ex);
            String localizedMessage = MVNForumResourceBundle.getString(locale, "java.io.IOException.cannot_upload", new Object[] {ex.getMessage()});
            throw new IOException(localizedMessage);
            //throw new IOException("Cannot upload. Detailed reason: " + ex.getMessage());
        }

        // values that must get from the form
        int offset                  = 0;
        int postID                  = 0;
        String attachFilename       = null;
        int attachFileSize          = 0;
        String attachMimeType       = null;
        String attachDesc           = null;

        FileItem attachFileItem = null;
        boolean attachMore = false;
        for (int i = 0; i < fileItems.size(); i++ ) {
            FileItem currentFileItem = (FileItem)fileItems.get(i);
            String fieldName = currentFileItem.getFieldName();
            if (fieldName.equals("offset")) {
                String content = currentFileItem.getString("utf-8");
                offset = Integer.parseInt(content);
                log.debug("offset = " + offset);
            } else if (fieldName.equals("AttachMore")) {
                String content = currentFileItem.getString("utf-8");
                attachMore = (content.length() > 0);
                log.debug("attachMore = " + attachMore);
            } else if (fieldName.equals("PostID")) {
                String content = currentFileItem.getString("utf-8");
                postID = Integer.parseInt(content);
                log.debug("postID = " + postID);
            } else if (fieldName.equals("AttachDesc")) {
                String content = currentFileItem.getString("utf-8");
                attachDesc = DisableHtmlTagFilter.filter(content);
                log.debug("attachDesc = " + attachDesc);
                InterceptorService.getInstance().validateContent(attachDesc);
            } else if (fieldName.equals("vnselector")) {
                //ignore
            } else if (fieldName.equals("AttachFilename")) {
                if (currentFileItem.isFormField() == true) {
                    String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.cannot_process_uploaded_attach_file_with_form_field");
                    throw new AssertionException(localizedMessage);
                    //throw new AssertionException("Cannot process uploaded attach file with a form field.");
                }
                attachMimeType = currentFileItem.getContentType();
                attachMimeType = DisableHtmlTagFilter.filter(attachMimeType);
                attachFileSize = (int)currentFileItem.getSize();
                if (attachFileSize == 0) {
                    String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.cannot_process_upload_with_file_size_is_zero");
                    throw new BadInputException(localizedMessage);
                    //throw new BadInputException("Cannot process an attach file with size = 0. Please check the file size or check if your file is missing.");
                }
                String fullFilePath = currentFileItem.getName();
                attachFilename = FileUtil.getFileName(fullFilePath);
                attachFilename = DisableHtmlTagFilter.filter(attachFilename);
                log.debug("attachFilename = " + attachFilename);

                // now save to attachFileItem
                attachFileItem = currentFileItem;
            } else {
                String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.cannot_process_field_name", new Object[] {fieldName});
                throw new AssertionException(localizedMessage);
                //throw new AssertionException("Cannot process field name = " + fieldName);
            }
        }
        Timestamp now = DateUtil.getCurrentGMTTimestamp();

        // check constraint
        PostBean postBean = null;
        try {
            postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
        } catch (ObjectNotFoundException ex) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.postid_not_exists", new Object[] {new Integer(postID)});
            throw new ObjectNotFoundException(localizedMessage);
        }
        int forumID = postBean.getForumID();
        permission.ensureCanAddAttachment(forumID);

        ForumCache.getInstance().getBean(forumID).ensureNotDisabledForum();

        int    logonMemberID    = onlineUser.getMemberID();
        //String logonMemberName  = onlineUser.getMemberName();
        int    authorID         = postBean.getMemberID();

        // check constraint
        if (permission.canEditPost(forumID)) { //@todo is this the correct permission checking ??? Igor: yes it is
            // have permission, just do nothing, that is dont check the max day contraint
        } else if ( (logonMemberID==authorID) && onlineUser.isMember() ) {
            // same author, but not guest
            // check date here, usually must not older than 1 days
            Timestamp postDate = postBean.getPostCreationDate();
            int maxDays = MVNForumConfig.getMaxAttachDays();
            if ( (now.getTime() - postDate.getTime()) > (DateUtil.DAY * maxDays) ) {
                /** @todo choose a better Exception here */
                String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.attach_into_old_post", new Object[] {new Integer(maxDays)});
                throw new BadInputException(localizedMessage);
                //throw new BadInputException("You cannot attach a file to a post which is older than " + maxDays + " days.");
            }
            /** @todo check status of first post of thread always enable */
            if (postBean.getPostStatus() == PostBean.POST_STATUS_DISABLED) {
                //@todo : localize me
                throw new BadInputException("Cannot attach a file to disabled post.");
            }
        } else {//not an author, so this user must have Edit Permission
            //@todo is this the correct permission checking ??? Igor: yes it is
            permission.ensureCanEditPost(forumID);// this method ALWAYS throws AuthenticationException
        }

        // now all contraints/permission have been checked
        // values that we can init now
        String attachCreationIP     = request.getRemoteAddr();
        Timestamp attachCreationDate= now;
        Timestamp attachModifiedDate= now;
        int attachDownloadCount     = 0;
        int attachOption            = 0;// check it
        int attachStatus            = 0;// check it

        int attachID = DAOFactory.getAttachmentDAO().createAttachment(postID, logonMemberID, attachFilename,
                                         attachFileSize, attachMimeType, attachDesc,
                                         attachCreationIP, attachCreationDate, attachModifiedDate,
                                         attachDownloadCount, attachOption, attachStatus);

        try {
            String filename = AttachmentUtil.getAttachFilenameOnDisk(attachID);
            log.debug("Attach filename to save to file system = " + filename);
            attachFileItem.write(filename);
        } catch (Exception ex) {
            log.error("Cannot save the attachment file", ex);
            DAOFactory.getAttachmentDAO().delete(attachID);
            String localizedMessage = MVNForumResourceBundle.getString(locale, "java.io.IOException.cannot_save_attach_file");
            throw new IOException(localizedMessage);
            //throw new IOException("Cannot save the attachment file to the file system.");
        }

        // we dont want the exception to throw below this
        int threadID = postBean.getThreadID();
        int attachCount = DAOFactory.getAttachmentDAO().getNumberOfAttachments_inPost(postID);
        DAOFactory.getPostDAO().updateAttachCount(postID, attachCount);

        // Now update the post because the attachment count in this post is changed
        postBean.setPostAttachCount(attachCount);
        PostIndexer.scheduleUpdatePostTask(postBean);

        int attachCountInThread = DAOFactory.getAttachmentDAO().getNumberOfAttachments_inThread(threadID);
        DAOFactory.getThreadDAO().updateThreadAttachCount(threadID, attachCountInThread);

        request.setAttribute("ForumID", String.valueOf(forumID));
        request.setAttribute("ThreadID", String.valueOf(threadID));
        request.setAttribute("PostID", String.valueOf(postID));
        request.setAttribute("offset", String.valueOf(offset));
        request.setAttribute("AttachMore", new Boolean(attachMore));
    }

    void prepareEdit(HttpServletRequest request)
        throws ObjectNotFoundException, BadInputException, DatabaseException, AuthenticationException, AssertionException {

        OnlineUser onlineUser = userManager.getOnlineUser(request);
        MVNForumPermission permission = onlineUser.getPermission();

        Locale locale = I18nUtil.getLocaleInRequest(request);

        // primary key column(s)
        int attachID = ParamUtil.getParameterInt(request, "attach");
        AttachmentBean attachmentBean = null;
        try {
            attachmentBean = DAOFactory.getAttachmentDAO().getAttachment(attachID);
        } catch (ObjectNotFoundException e) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.attachmentid_not_exists", new Object[] {new Integer(attachID)});
            throw new ObjectNotFoundException(localizedMessage);
        }

        int postID = attachmentBean.getPostID();
        PostBean postBean = null;
        try {
            postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
        } catch (ObjectNotFoundException ex) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.postid_not_exists", new Object[] {new Integer(postID)});
            throw new ObjectNotFoundException(localizedMessage);
        }

        // now, check the permission
        permission.ensureCanEditPost(postBean.getForumID());

        ForumCache.getInstance().getBean(postBean.getForumID()).ensureNotDisabledForum();
        ForumCache.getInstance().getBean(postBean.getForumID()).ensureNotLockedForum();

        request.setAttribute("AttachmentBean", attachmentBean);
        request.setAttribute("PostBean", postBean);
    }

    void processEdit(HttpServletRequest request)
        throws BadInputException, DatabaseException, AuthenticationException, AssertionException, ObjectNotFoundException {

        OnlineUser onlineUser = userManager.getOnlineUser(request);
        MVNForumPermission permission = onlineUser.getPermission();
        Locale locale = I18nUtil.getLocaleInRequest(request);
        // user must have been authenticated before he can delete
        permission.ensureIsAuthenticated();

        // primary key column(s)
        int attachID = ParamUtil.getParameterInt(request, "attach");

        AttachmentBean attachmentBean = DAOFactory.getAttachmentDAO().getAttachment(attachID);
        int postID = attachmentBean.getPostID();

        PostBean postBean = null;
        try {
            postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
        } catch (ObjectNotFoundException ex) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.postid_not_exists", new Object[] {new Integer(postID)});
            throw new ObjectNotFoundException(localizedMessage);
        }

        ForumCache.getInstance().getBean(postBean.getForumID()).ensureNotDisabledForum();
        ForumCache.getInstance().getBean(postBean.getForumID()).ensureNotLockedForum();

        // now, check the permission
        permission.ensureCanEditPost(postBean.getForumID());

        // now check the password
        MyUtil.ensureCorrectCurrentPassword(request);
        int threadID = postBean.getThreadID();

        // delete in database
        String newDesc = ParamUtil.getParameter(request, "newdesc");
        DAOFactory.getAttachmentDAO().updateAttachDesc(attachID, newDesc);

        request.setAttribute("ThreadID", String.valueOf(threadID));
    }

    void prepareDelete(HttpServletRequest request)
        throws ObjectNotFoundException, BadInputException, DatabaseException, AuthenticationException, AssertionException {

        OnlineUser onlineUser = userManager.getOnlineUser(request);
        MVNForumPermission permission = onlineUser.getPermission();

        Locale locale = I18nUtil.getLocaleInRequest(request);

        // primary key column(s)
        int attachID = ParamUtil.getParameterInt(request, "attach");
        AttachmentBean attachmentBean = null;
        try {
            attachmentBean = DAOFactory.getAttachmentDAO().getAttachment(attachID);
        } catch (ObjectNotFoundException e) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.attachmentid_not_exists", new Object[] {new Integer(attachID)});
            throw new ObjectNotFoundException(localizedMessage);
        }

        int postID = attachmentBean.getPostID();
        PostBean postBean = null;
        try {
            postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
        } catch (ObjectNotFoundException ex) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.postid_not_exists", new Object[] {new Integer(postID)});
            throw new ObjectNotFoundException(localizedMessage);
        }

        // now, check the permission
        permission.ensureCanDeletePost(postBean.getForumID());

        ForumCache.getInstance().getBean(postBean.getForumID()).ensureNotDisabledForum();
        ForumCache.getInstance().getBean(postBean.getForumID()).ensureNotLockedForum();

        request.setAttribute("AttachmentBean", attachmentBean);
        request.setAttribute("PostBean", postBean);
    }

    void processDelete(HttpServletRequest request)
        throws BadInputException, DatabaseException, AuthenticationException, AssertionException, ObjectNotFoundException {

        OnlineUser onlineUser = userManager.getOnlineUser(request);
        MVNForumPermission permission = onlineUser.getPermission();
        Locale locale = I18nUtil.getLocaleInRequest(request);
        // user must have been authenticated before he can delete
        permission.ensureIsAuthenticated();

        // primary key column(s)
        int attachID = ParamUtil.getParameterInt(request, "attach");

        AttachmentBean attachmentBean = DAOFactory.getAttachmentDAO().getAttachment(attachID);
        int postID = attachmentBean.getPostID();

        PostBean postBean = null;
        try {
            postBean = DAOFactory.getPostDAO().getPost(postID);// can throw DatabaseException
        } catch (ObjectNotFoundException ex) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.postid_not_exists", new Object[] {new Integer(postID)});
            throw new ObjectNotFoundException(localizedMessage);
        }

        ForumCache.getInstance().getBean(postBean.getForumID()).ensureNotDisabledForum();
        ForumCache.getInstance().getBean(postBean.getForumID()).ensureNotLockedForum();

        // now, check the permission
        permission.ensureCanDeletePost(postBean.getForumID());

        // now check the password
        MyUtil.ensureCorrectCurrentPassword(request);

        // delete in database
        DAOFactory.getAttachmentDAO().delete(attachID);

        // delete on disk
        AttachmentUtil.deleteAttachFilenameOnDisk(attachID);

        // we dont want the exception to throw below this
        int attachCount = DAOFactory.getAttachmentDAO().getNumberOfAttachments_inPost(postID);
        DAOFactory.getPostDAO().updateAttachCount(postID, attachCount);

        // Now update the post because the attachment count in this post is changed
        postBean.setPostAttachCount(attachCount);
        PostIndexer.scheduleUpdatePostTask(postBean);

        int threadID = postBean.getThreadID();
        int attachCountInThread = DAOFactory.getAttachmentDAO().getNumberOfAttachments_inThread(threadID);
        DAOFactory.getThreadDAO().updateThreadAttachCount(threadID, attachCountInThread);

        request.setAttribute("ThreadID", String.valueOf(threadID));
    }

    /*
     * @todo find a way to cache the file based on the http protocal
     * @todo check permission
     */
    void downloadAttachment(HttpServletRequest request, HttpServletResponse response)
        throws BadInputException, DatabaseException, ObjectNotFoundException, IOException,
        AuthenticationException, AssertionException  {

        Locale locale = I18nUtil.getLocaleInRequest(request);
        OnlineUser onlineUser = userManager.getOnlineUser(request);
        MVNForumPermission permission = onlineUser.getPermission();

        int attachID = ParamUtil.getParameterInt(request, "attach");
        AttachmentBean attachBean = null;
        try {
            attachBean = DAOFactory.getAttachmentDAO().getAttachment(attachID);
        } catch (ObjectNotFoundException e) {
            String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.attachmentid_not_exists", new Object[] {new Integer(attachID)});
            throw new ObjectNotFoundException(localizedMessage);
        }

        int postID = attachBean.getPostID();

        PostBean postBean = DAOFactory.getPostDAO().getPost(postID);
        int forumID = postBean.getForumID();
        ForumCache.getInstance().getBean(forumID).ensureNotDisabledForum();
        ForumCache.getInstance().getBean(forumID).ensureNotLockedForum();

        if (MVNForumConfig.getEnableGuestViewImageAttachment() &&
            attachBean.getAttachMimeType().startsWith("image/")) {
            // When guest can view image attachment AND this attachment is image
            // This is for security, at least in this case user must have permission to view post
            permission.ensureCanReadPost(forumID);
        } else {
            // Please note that user does not have to have read permission
            permission.ensureCanGetAttachment(forumID);
        }
        String attachFilename = AttachmentUtil.getAttachFilenameOnDisk(attachID);
        File attachFile = new File(attachFilename);
        if ((!attachFile.exists()) || (!attachFile.isFile())) {
            log.error("Can't find a file " + attachFile + " to be downloaded (or maybe it's directory).");
            String localizedMessage = MVNForumResourceBundle.getString(locale, "java.io.IOException.not_exist_or_not_file_to_be_downloaded");
            throw new IOException(localizedMessage + " (AttachID=" + attachID + ")");
            //throw new IOException("Can't find a file to be downloaded (or maybe it's directory).");
        }

        // we should not call this method after done the outputStream
        // because we dont want exception after download
        DAOFactory.getAttachmentDAO().increaseDownloadCount(attachID);

        InputStream inputStream = null;
        OutputStream outputStream = null;
        try {
            response.setContentType(attachBean.getAttachMimeType());
            response.setHeader("Location", attachBean.getAttachFilename());

            // now use Cache-Control if the MIME type are image
            if (attachBean.getAttachMimeType().startsWith("image/")) {
                long cacheTime = DateUtil.DAY * 30 / 1000;// 30 days
                response.setHeader("Cache-Control", "max-age=" + cacheTime);
            }
            //added by Dejan
            response.setHeader("Content-Disposition", "attachment; filename=" + attachBean.getAttachFilename());

            // now, the header inited, just write the file content on the output
            final int MEGABYTE = 1024 * 1024;
            if (true /*attachFile.length() > 1 * MEGABYTE*/) {// we always use the popFile to save memory
                outputStream = response.getOutputStream();
                //write using popFile when the file size's so large
                try {
                    FileUtil.popFile(attachFile, outputStream);
                } catch (IOException ex) {
                    // cannot throw Exception after we output to the response
                    log.error("Error while trying to send attachment file from server (" + attachFile + ").", ex);
                }
                log.debug("Downloading attachment using FileUtil.popFile method");
            } else {
                // small file
                try {
                    inputStream = new FileInputStream(attachFilename);
                } catch (IOException ex) {
                    // we dont want to show the filename on file system in the original exception for security
                    log.error("Cannot open attach file on file system with attach id = " + attachID, ex);
                    String localizedMessage = MVNForumResourceBundle.getString(locale, "java.io.IOException.cannot_open_attach_file", new Object[] {new Integer(attachID)});
                    throw new IOException(localizedMessage);
                    //throw new IOException("Cannot open attach file on file system with attach id = " + attachID + ". Please report this error to the Web site Administrator.");
                }
                byte[]buffer = FileUtil.getBytes(inputStream);
                inputStream.close();
                inputStream = null;// no close twice

                outputStream = response.getOutputStream();
                outputStream.write(buffer);
                log.debug("Downloading attachment using traditional method");
            }

            outputStream.flush();
            outputStream.close();
            outputStream = null;// no close twice
        } catch (IOException ex) {
            throw ex;
        } finally {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException ex) { }
            }
            if (outputStream != null) {
                try {
                    outputStream.close();
                } catch (IOException ex) { }
            }
        }
    }

    /**
     * NOTE: This method should be called before any attemp to delete a post
     * because it require the post is exited
     * After calling this method, go ahead and delete the post
     */
    static void deleteAttachments_inPost(int postID) throws DatabaseException {

        // First, try to delete attachment in database
        Collection attachmentBeans = DAOFactory.getAttachmentDAO().getAttachments_inPost(postID);
        DAOFactory.getAttachmentDAO().delete_inPost(postID);

        //now delete files on disk
        for (Iterator iter = attachmentBeans.iterator(); iter.hasNext(); ) {
            AttachmentBean attachmentBean = (AttachmentBean)iter.next();
            AttachmentUtil.deleteAttachFilenameOnDisk(attachmentBean.getAttachID());
        }
    }

    /**
     * NOTE: This method should be called before any attemp to delete a thread
     * because it require the thread is exited
     * After calling this method, go ahead and delete the thread
     */
    static void deleteAttachments_inThread(int threadID) throws DatabaseException {

        // First, try to delete attachment in database
        Collection attachmentBeans = DAOFactory.getAttachmentDAO().getAttachments_inThread(threadID);

        //now delete files on disk
        for (Iterator iter = attachmentBeans.iterator(); iter.hasNext(); ) {
            AttachmentBean attachmentBean = (AttachmentBean)iter.next();
            int attachID = attachmentBean.getAttachID();
            AttachmentUtil.deleteAttachFilenameOnDisk(attachID);
            try {
                DAOFactory.getAttachmentDAO().delete(attachID);
            } catch (Exception ex) {
                log.warn("Cannot delete attachment (id = " + attachID + ") in database", ex);
            }
        }
    }

}
... this post is sponsored by my books ...

#1 New Release!

FP Best Seller

 

new blog posts

 

Copyright 1998-2021 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.