Index: lams_central/src/java/org/lamsfoundation/lams/web/LAMSConnectorServlet.java =================================================================== diff -u -r1c001afed4496daabc08f0b83a4118458d400e5a -r738886899fd098b8cc2112c5e7974a9921a29c25 --- lams_central/src/java/org/lamsfoundation/lams/web/LAMSConnectorServlet.java (.../LAMSConnectorServlet.java) (revision 1c001afed4496daabc08f0b83a4118458d400e5a) +++ lams_central/src/java/org/lamsfoundation/lams/web/LAMSConnectorServlet.java (.../LAMSConnectorServlet.java) (revision 738886899fd098b8cc2112c5e7974a9921a29c25) @@ -29,9 +29,10 @@ import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; -import org.apache.commons.fileupload.DiskFileUpload; import org.apache.commons.fileupload.FileItem; import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; import org.apache.commons.io.IOUtils; import org.apache.log4j.Logger; import org.lamsfoundation.lams.authoring.web.AuthoringConstants; @@ -43,9 +44,9 @@ import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; +import org.springframework.util.FileCopyUtils; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; -import org.springframework.web.multipart.MultipartFile; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -305,30 +306,30 @@ if (LAMSConnectorServlet.debug) { log.debug("File save started"); } - String newName = ""; - DiskFileUpload upload = new DiskFileUpload(); - List items = upload.parseRequest(request); - Map fields = new HashMap(); + DiskFileItemFactory fileItemFactory = new DiskFileItemFactory(); + ServletFileUpload fileUpload = new ServletFileUpload(fileItemFactory); + List items = fileUpload.parseRequest(request); - Iterator iter = items.iterator(); + Map fields = new HashMap<>(); + Iterator iter = items.iterator(); while (iter.hasNext()) { - FileItem item = (FileItem) iter.next(); + FileItem item = iter.next(); if (item.isFormField()) { fields.put(item.getFieldName(), item.getString()); } else { fields.put(item.getFieldName(), item); } } - MultipartFile uplFile = (MultipartFile) fields.get("NewFile"); + FileItem uplFile = (FileItem) fields.get("NewFile"); String fileNameLong = uplFile.getName(); fileNameLong = fileNameLong.replace('\\', '/'); String[] pathParts = fileNameLong.split("/"); String fileName = pathParts[pathParts.length - 1]; // validate file size - boolean maxFilesizeExceededMessage = FileValidatorSpringUtil.validateFileSize(uplFile, true); + boolean maxFilesizeExceededMessage = FileValidatorSpringUtil.validateFileSize(uplFile.getSize(), true); if (!maxFilesizeExceededMessage) { //assign fileName an error message to be shown on a client side fileName = messageService.getMessage("errors.maxfilesize", @@ -356,7 +357,7 @@ counter++; } - uplFile.transferTo(pathToSave); + FileCopyUtils.copy(uplFile.getInputStream(), new FileOutputStream(pathToSave)); if (counter > 1) { retVal.append("201"); Index: lams_central/src/java/org/lamsfoundation/lams/web/LAMSUploadServlet.java =================================================================== diff -u -r0ba7efc96c3f73335301e3e9fbde3129867efd3d -r738886899fd098b8cc2112c5e7974a9921a29c25 --- lams_central/src/java/org/lamsfoundation/lams/web/LAMSUploadServlet.java (.../LAMSUploadServlet.java) (revision 0ba7efc96c3f73335301e3e9fbde3129867efd3d) +++ lams_central/src/java/org/lamsfoundation/lams/web/LAMSUploadServlet.java (.../LAMSUploadServlet.java) (revision 738886899fd098b8cc2112c5e7974a9921a29c25) @@ -6,6 +6,7 @@ package org.lamsfoundation.lams.web; import java.io.File; +import java.io.FileOutputStream; import java.io.IOException; import java.io.PrintWriter; import java.util.HashMap; @@ -18,18 +19,19 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.fileupload.DiskFileUpload; import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; import org.apache.log4j.Logger; import org.lamsfoundation.lams.util.Configuration; import org.lamsfoundation.lams.util.ConfigurationKeys; import org.lamsfoundation.lams.util.FileUtil; import org.lamsfoundation.lams.util.FileValidatorSpringUtil; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.UploadFileUtil; +import org.springframework.util.FileCopyUtils; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; -import org.springframework.web.multipart.MultipartFile; /** * Servlet to upload files.
@@ -69,11 +71,10 @@ * javascript command in it. * */ - @SuppressWarnings("unchecked") @Override public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - if (LAMSUploadServlet.log.isDebugEnabled()) { - LAMSUploadServlet.log.debug("Upload started"); + if (log.isDebugEnabled()) { + log.debug("Upload started"); } String currentFolderStr = request.getParameter("CurrentFolder"); @@ -88,24 +89,25 @@ // get realBaseDir and lamsContextPath at request time from config values in memory String fileType = request.getParameter("Type"); - DiskFileUpload upload = new DiskFileUpload(); + DiskFileItemFactory fileItemFactory = new DiskFileItemFactory(); + ServletFileUpload fileUpload = new ServletFileUpload(fileItemFactory); try { - List items = upload.parseRequest(request); + List fileItems = fileUpload.parseRequest(request); Map fields = new HashMap<>(); - Iterator iter = items.iterator(); + Iterator iter = fileItems.iterator(); while (iter.hasNext()) { - FileItem item = iter.next(); - if (item.isFormField()) { - fields.put(item.getFieldName(), item.getString()); + FileItem fileItem = iter.next(); + if (fileItem.isFormField()) { + fields.put(fileItem.getFieldName(), fileItem.getString()); } else { - fields.put(item.getFieldName(), item); + fields.put(fileItem.getFieldName(), fileItem); } } - MultipartFile uplFile = (MultipartFile) fields.get("NewFile"); + FileItem uplFile = (FileItem) fields.get("NewFile"); if (uplFile == null) { // form field name used by CKEditor 3.x - uplFile = (MultipartFile) fields.get("upload"); + uplFile = (FileItem) fields.get("upload"); } String fileNameLong = uplFile.getName(); @@ -114,7 +116,7 @@ String fileName = pathParts[pathParts.length - 1]; // validate file size - boolean maxFilesizeExceededMessage = FileValidatorSpringUtil.validateFileSize(uplFile, true); + boolean maxFilesizeExceededMessage = FileValidatorSpringUtil.validateFileSize(uplFile.getSize(), true); if (!maxFilesizeExceededMessage) { fileName = messageService.getMessage("errors.maxfilesize", new Object[] { Configuration.getAsInt(ConfigurationKeys.UPLOAD_FILE_LARGE_MAX_SIZE) }); @@ -132,13 +134,13 @@ String currentWebPath = UploadFileUtil.getUploadWebPath(currentFolderStr, fileType); fileUrl = currentWebPath + '/' + fileName; - uplFile.transferTo(destinationFile); - if (LAMSUploadServlet.log.isDebugEnabled()) { - LAMSUploadServlet.log.debug("Uploaded file to " + destinationFile.getAbsolutePath()); + FileCopyUtils.copy(uplFile.getInputStream(), new FileOutputStream(destinationFile)); + if (log.isDebugEnabled()) { + log.debug("Uploaded file to " + destinationFile.getAbsolutePath()); } } } catch (Exception e) { - LAMSUploadServlet.log.error(e); + log.error(e); returnMessage = "Error while uploading file: " + e.getMessage(); } } @@ -160,14 +162,13 @@ out.println(""); out.flush(); out.close(); - } else if (LAMSUploadServlet.log.isDebugEnabled()) { - LAMSUploadServlet.log - .debug("No CKEditor method found to run after completion, but upload finished with message: " - + returnMessage); + } else if (log.isDebugEnabled()) { + log.debug("No CKEditor method found to run after completion, but upload finished with message: " + + returnMessage); } - if (LAMSUploadServlet.log.isDebugEnabled()) { - LAMSUploadServlet.log.debug("Upload finished"); + if (log.isDebugEnabled()) { + log.debug("Upload finished"); } } } \ No newline at end of file Index: lams_central/src/java/org/lamsfoundation/lams/web/QuestionsController.java =================================================================== diff -u -ra127989b08183726fcbb9956721eff6553c4a0eb -r738886899fd098b8cc2112c5e7974a9921a29c25 --- lams_central/src/java/org/lamsfoundation/lams/web/QuestionsController.java (.../QuestionsController.java) (revision a127989b08183726fcbb9956721eff6553c4a0eb) +++ lams_central/src/java/org/lamsfoundation/lams/web/QuestionsController.java (.../QuestionsController.java) (revision 738886899fd098b8cc2112c5e7974a9921a29c25) @@ -1,5 +1,6 @@ package org.lamsfoundation.lams.web; +import java.io.File; import java.io.InputStream; import java.util.Collections; import java.util.List; @@ -8,8 +9,9 @@ import javax.servlet.http.HttpServletRequest; -import org.apache.commons.fileupload.DiskFileUpload; import org.apache.commons.fileupload.FileItem; +import org.apache.commons.fileupload.disk.DiskFileItemFactory; +import org.apache.commons.fileupload.servlet.ServletFileUpload; import org.apache.commons.lang.StringUtils; import org.lamsfoundation.lams.questions.Question; import org.lamsfoundation.lams.questions.QuestionParser; @@ -25,10 +27,6 @@ /** * Runs extraction of chosen IMS QTI zip file and prepares form for user to manually choose interesting question. - * - * - * - * */ @Controller public class QuestionsController { @@ -37,28 +35,34 @@ @Qualifier("centralMessageService") MessageService messageService; - @SuppressWarnings("unchecked") @RequestMapping("/questions") public String execute(HttpServletRequest request) throws Exception { - // cumberstone way of extracting POSTed form with a file - DiskFileUpload formParser = new DiskFileUpload(); - formParser.setRepositoryPath(Configuration.get(ConfigurationKeys.LAMS_TEMP_DIR)); - List formFields = formParser.parseRequest(request); + + String tempDirName = Configuration.get(ConfigurationKeys.LAMS_TEMP_DIR); + File tempDir = new File(tempDirName); + if (!tempDir.exists()) { + tempDir.mkdirs(); + } + + DiskFileItemFactory fileItemFactory = new DiskFileItemFactory(); + fileItemFactory.setRepository(tempDir); + ServletFileUpload fileUpload = new ServletFileUpload(fileItemFactory); + List fileItems = fileUpload.parseRequest(request); String returnURL = null; String limitTypeParam = null; InputStream uploadedFileStream = null; String packageName = null; - for (FileItem formField : formFields) { - String fieldName = formField.getFieldName(); + for (FileItem fileItem : fileItems) { + String fieldName = fileItem.getFieldName(); if ("returnURL".equals(fieldName)) { // this can be empty; if so, another method of delivering results is used - returnURL = formField.getString(); + returnURL = fileItem.getString(); } else if ("limitType".equals(fieldName)) { - limitTypeParam = formField.getString(); - } else if ("file".equals(fieldName) && !StringUtils.isBlank(formField.getName())) { - packageName = formField.getName().toLowerCase(); - uploadedFileStream = formField.getInputStream(); + limitTypeParam = fileItem.getString(); + } else if ("file".equals(fieldName) && !StringUtils.isBlank(fileItem.getName())) { + packageName = fileItem.getName().toLowerCase(); + uploadedFileStream = fileItem.getInputStream(); } } Index: lams_common/src/java/org/lamsfoundation/lams/util/UploadFileUtil.java =================================================================== diff -u -r7475d08afc280b5e2e5ddf04e8bf35e3166aaf80 -r738886899fd098b8cc2112c5e7974a9921a29c25 --- lams_common/src/java/org/lamsfoundation/lams/util/UploadFileUtil.java (.../UploadFileUtil.java) (revision 7475d08afc280b5e2e5ddf04e8bf35e3166aaf80) +++ lams_common/src/java/org/lamsfoundation/lams/util/UploadFileUtil.java (.../UploadFileUtil.java) (revision 738886899fd098b8cc2112c5e7974a9921a29c25) @@ -24,13 +24,7 @@ package org.lamsfoundation.lams.util; import java.io.File; -import java.util.List; -import javax.servlet.http.HttpServletRequest; - -import org.apache.commons.fileupload.DiskFileUpload; -import org.apache.commons.fileupload.FileItem; -import org.apache.commons.fileupload.FileUploadException; import org.apache.log4j.Logger; import org.lamsfoundation.lams.authoring.web.AuthoringConstants; @@ -52,100 +46,6 @@ } /** - * Given the current servlet request and the name of a temporary directory, get a list of all the uploaded items - * from a multipart form. This includes any uploaded files and the "normal" input fields on the form. Gets the - * temporary directory from the configuration file. Equivalent to getUploadItems(request, useLargeFileSize, null) - * - * @param request - * - current servlet request - * @param useLargeFileSize - * - use the large file size. If not true, use the standard file size. - * @return List of items, of type FileItem - */ - public static List getUploadItems(HttpServletRequest request, boolean useLargeFileSize) - throws FileUploadException, Exception { - return UploadFileUtil.getUploadItems(request, useLargeFileSize, null); - } - - /** - * Given the current servlet request and the name of a temporary directory, get a list of all the uploaded items - * from a multipart form. This includes any uploaded files and the "normal" input fields on the form. - * - * @param request - * - current servlet request - * @param useLargeFileSize - * - use the large file size. If not true, use the standard file size. - * @param tempDirName - * - the name of the directory into which temporary files can be written - * @return List of items, of type FileItem - */ - @SuppressWarnings("unchecked") - public static List getUploadItems(HttpServletRequest request, boolean useLargeFileSize, - String tempDirNameInput) throws FileUploadException, Exception { - - int max_size = UploadFileUtil.DEFAULT_MAX_SIZE; - int max_memory_size; - String tempDirName = null; - - int tempInt = -1; - - if (useLargeFileSize) { - tempInt = Configuration.getAsInt(ConfigurationKeys.UPLOAD_FILE_LARGE_MAX_SIZE); - if (tempInt != -1) { - max_size = tempInt; - } else { - UploadFileUtil.log.warn( - "Default Large Max Size for file upload missing, using " + UploadFileUtil.DEFAULT_MAX_SIZE); - } - } else { - tempInt = Configuration.getAsInt(ConfigurationKeys.UPLOAD_FILE_MAX_SIZE); - if (tempInt != -1) { - max_size = tempInt; - } else { - UploadFileUtil.log - .warn("Default Max Size for file upload missing, using " + UploadFileUtil.DEFAULT_MAX_SIZE); - } - } - - tempInt = Configuration.getAsInt(ConfigurationKeys.UPLOAD_FILE_MAX_MEMORY_SIZE); - if (tempInt != -1) { - max_memory_size = tempInt; - } else { - UploadFileUtil.log.warn( - "Default Max Memory Size for file upload missing, using " + UploadFileUtil.DEFAULT_MEMORY_SIZE); - max_memory_size = UploadFileUtil.DEFAULT_MEMORY_SIZE; - } - - if (tempDirNameInput != null) { - tempDirName = tempDirNameInput; - } else { - tempDirName = Configuration.get(ConfigurationKeys.LAMS_TEMP_DIR); - if (tempDirName == null) { - UploadFileUtil.log.warn("Default Temporary Directory missing, using null"); - } - } - // would be nice to only do this once! never mind. - if (tempDirName != null) { - File dir = new File(tempDirName); - if (!dir.exists()) { - dir.mkdirs(); - } - } - - // Create a new file upload handler - DiskFileUpload upload = new DiskFileUpload(); - - // Set upload parameters - upload.setSizeMax(max_size); - upload.setSizeThreshold(max_memory_size); - upload.setRepositoryPath(tempDirName); - - // Parse the request - List items = upload.parseRequest(request); - return items; - } - - /** * @return Maximum size (in megabytes) that a file may be. Standard size, use during running of sequence. */ public static float getMaxFileSize() { Index: lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/AuthoringController.java =================================================================== diff -u -r4353f26f9509808acdf41d0deef6cf5fd458a2b7 -r738886899fd098b8cc2112c5e7974a9921a29c25 --- lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/AuthoringController.java (.../AuthoringController.java) (revision 4353f26f9509808acdf41d0deef6cf5fd458a2b7) +++ lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/AuthoringController.java (.../AuthoringController.java) (revision 738886899fd098b8cc2112c5e7974a9921a29c25) @@ -51,8 +51,6 @@ import org.apache.commons.beanutils.PropertyUtils; import org.apache.commons.collections.CollectionUtils; -import org.apache.commons.fileupload.DiskFileUpload; -import org.apache.commons.fileupload.FileItem; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.math.NumberUtils; import org.apache.log4j.Logger; @@ -86,6 +84,8 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.multipart.MultipartFile; import com.thoughtworks.xstream.XStream; import com.thoughtworks.xstream.io.xml.StaxDriver; @@ -1086,7 +1086,7 @@ * Imports questions into question bank from uploaded xml file. */ @RequestMapping("/importQuestions") - public String importQuestions(HttpServletRequest request) throws ServletException { + public String importQuestions(@RequestParam("UPLOAD_FILE") MultipartFile file, HttpServletRequest request) throws ServletException { String sessionMapID = WebUtil.readStrParam(request, AssessmentConstants.ATTR_SESSION_MAP_ID); SessionMap sessionMap = (SessionMap) request.getSession() .getAttribute(sessionMapID); @@ -1095,44 +1095,21 @@ List toolsErrorMsgs = new ArrayList<>(); try { - File designFile = null; - Map params = new HashMap<>(); - String filename = null; - String uploadPath = FileUtil.createTempDirectory("_uploaded_2questions_xml"); - DiskFileUpload fu = new DiskFileUpload(); - // maximum size that will be stored in memory - fu.setSizeThreshold(4096); - // the location for saving data that is larger than getSizeThreshold() - // fu.setRepositoryPath(uploadPath); + // filename on the client + String filename = FileUtil.getFileName(file.getOriginalFilename()); + File destinationFile = new File(uploadPath, filename); + file.transferTo(destinationFile); - List fileItems = fu.parseRequest(request); - Iterator iter = fileItems.iterator(); - while (iter.hasNext()) { - FileItem fi = (FileItem) iter.next(); - // UPLOAD_FILE is input field from HTML page - if (!fi.getFieldName().equalsIgnoreCase("UPLOAD_FILE")) { - params.put(fi.getFieldName(), fi.getString()); - } else { - // filename on the client - filename = FileUtil.getFileName(fi.getName()); - designFile = new File(uploadPath + filename); - fi.write(designFile); - } - } - - String filename2 = designFile.getName(); - String fileExtension = (filename2 != null) && (filename2.length() >= 4) - ? filename2.substring(filename2.length() - 4) - : ""; - if (!fileExtension.equalsIgnoreCase(".xml")) { + String fileExtension = FileUtil.getFileExtension(filename); + if (!fileExtension.equalsIgnoreCase("xml")) { throw new RuntimeException("Wrong file extension. Xml is expected"); } // String learningDesignPath = ZipFileUtil.expandZip(new FileInputStream(designFile), filename2); // import learning design - String fullFilePath = designFile.getAbsolutePath();// FileUtil.getFullPath(learningDesignPath, + String fullFilePath = destinationFile.getAbsolutePath();// FileUtil.getFullPath(learningDesignPath, // ExportToolContentService.LEARNING_DESIGN_FILE_NAME); List questions = (List) FileUtil.getObjectFromXML(null, fullFilePath);