1 long userID = ServiceUtils.getCurrentUserID(req);
2 if (!UserControl.getInstance().hasModulePrivilege(userID, FSConstants.MODULEID.SERVERCONFIG)) {
3 throw new NoPrivilegeException();
4 }
1 /**
2 * 校验二进制头,判断是否真的是图片。 判断图片大小,是否大于MAX_IMAGE_SIZE:20M
3 *
4 * @param file
5 * @return
6 * @throws FileNotFoundException
7 */
8 private boolean isValidImage(File file) throws IOException {
9 if (file.length() > MAX_IMAGE_SIZE) {
10 return false;
11 }
12
13 InputStream inputStream = new FileInputStream(file);
14 ImageInfo imageInfo = new ImageInfo();
15 imageInfo.setInput(inputStream);
16 boolean result = imageInfo.check();
17 inputStream.close();
18 return result;
19 }
1 CodeUtils.sha256Encode(syncUser.getPassword())
1 "INSERT INTO guests ( firstName, lastName, email ) VALUES ( ?, ?, ? )"
2 preparedStatement.setString( 1, "xx");
3 preparedStatement.setString( 2, "xx");
4 preparedStatement.setString( 3, "xx@xx");
1 // 错误
2 $("#popup_title").html(title);
3 // 正确
4 FR.html($("#popup_title"), title);
5
6
7 /**
8 * 使用jquery的html()之前先将content进行去脚本处理
9 * @param {ob} jquery对象。
10 * @param {value} 渲染的内容。
11 */
12 FR.html: function (ob, content) {
13 function transferStr (str){
14 return str.replace(/ /gi, " ").replace(/<script>/gi, '<script>').replace(/<\/script>/gi, '<\/script>');
15 }
16 ob.html(transferStr(content));
17 return ob;
18 }
1 PrintWriter writer = WebUtils.createPrintWriter(res);
2 writer.println("Unresolvable Operation:" + StableUtils.replaceScript4Xss(op) + " in class ReportDispatcher");
1 window.localStorage.setItem('fr_token', getTokenFromUrl(signResult.url));
1 /**
2 * 校验jwt
3 *
4 * @param req 请求
5 * @return 校验结果
6 */
7 public static boolean checkJWT(HttpServletRequest req, HttpServletResponse res) throws Exception {
8 PrivilegeVote vote = JwtUtils.checkJWT(req) ? PrivilegeVoteImpls.SUCCESS : FSPrivilegeVote.FS_AUTH_ERROR;
9 boolean isPermitted = vote.isPermitted();
10 if (!isPermitted) {
11 vote.action(req, res);
12 }
13 return isPermitted;
14 }
1 if (FRLogger.getLogger().isLoggable(Level.CONFIG)) {
2 FRLogger.getLogger().info(Inter.getLocText("FR-Base_Get_Machine_Info_Prompt", StringUtils.join(StringUtils.BLANK, command)));
3 }
4 process = Runtime.getRuntime().exec(command);