package de.gurkengewuerz.termbin.Server;
import de.gurkengewuerz.termbin.Termbin;
import de.gurkengewuerz.termbin.Utils.SQLInjectionEscaper;

import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.AbstractHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.logging.Level;
import java.util.logging.Logger;
/**
* Created by gurkengewuerz.de on 02.07.2017.
*/
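public class DataHandler extends AbstractHandler {

    /** Seconds per hour; the {@code uploadlifetime} config value is expressed in hours. */
    private static final double SECONDS_PER_HOUR = 60 * 60;

    /**
     * Serves a stored upload addressed by the request path.
     *
     * <p>The request target minus its leading slash is the lookup key. A matching row is written
     * back with its stored {@code filetype} as Content-Type: {@code text/plain} rows are served
     * from the {@code text} column, everything else from {@code rawData}. A row older than the
     * configured {@code uploadlifetime} (hours), or no row at all, yields a 404 page; a database
     * failure yields a 500 page. Banned remote addresses are logged and the request is marked
     * handled without writing a body or status.
     *
     * @param s                   the request target, e.g. {@code /abc123}
     * @param request             the Jetty request; always marked handled before returning
     * @param httpServletRequest  servlet view of the request (not used here)
     * @param httpServletResponse response the upload or the error page is written to
     * @throws IOException      if writing the response fails
     * @throws ServletException declared by {@link AbstractHandler#handle}; not thrown here
     */
    @Override
    public void handle(String s, Request request, HttpServletRequest httpServletRequest,
                       HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String remoteAddr = request.getRemoteAddr();
        String userAgent = request.getHeader("User-Agent");
        // Both values are client-controlled and are logged verbatim, as before.
        log().log(Level.INFO, "API Request by " + userAgent + " " + remoteAddr + "@" + s);
        Termbin.getAccesslog().log(Level.INFO, remoteAddr + " - - " + userAgent + " - " + s);

        if (Termbin.getConfig().isBanned(remoteAddr)) {
            // Banned clients get an empty response; no status is set, so the container default applies.
            request.setHandled(true);
            log().log(Level.INFO, "Request by " + remoteAddr + "@" + s + " closed BANNED");
            return;
        }

        request.setCharacterEncoding("UTF-8");
        httpServletResponse.setCharacterEncoding("UTF-8");

        // A target shorter than "/x" has no id; the bare substring(1) would throw on an empty target.
        String uniqueId = s.length() > 1 ? s.substring(1) : "";

        // NOTE(review): the query is still assembled by string concatenation, so escapeString() is the
        // only defence against injection. If Termbin.getDatabase() exposes a PreparedStatement-style
        // API, bind uniqueId as a parameter instead — confirm against the Database class.
        String sql = "SELECT * FROM data WHERE uniqueid = '"
                + SQLInjectionEscaper.escapeString(uniqueId, false) + "' LIMIT 1;";

        // try-with-resources closes the ResultSet on every exit path; the original never closed it.
        try (ResultSet rs = Termbin.getDatabase().executeQuery(sql)) {
            httpServletResponse.setStatus(HttpServletResponse.SC_OK);
            // LIMIT 1 yields at most one row; an expired row is treated exactly like a missing one.
            if (rs.next() && !isExpired(rs)) {
                writeRecord(rs, httpServletResponse);
            } else {
                writeStatusPage(httpServletResponse, HttpServletResponse.SC_NOT_FOUND);
            }
        } catch (SQLException e) {
            log().log(Level.SEVERE, null, e);
            writeStatusPage(httpServletResponse, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }

        request.setHandled(true);
    }

    /**
     * Returns whether the row's {@code timestamp} (unix seconds) is older than the configured
     * {@code uploadlifetime} in hours.
     *
     * @throws SQLException if the column cannot be read
     */
    private static boolean isExpired(ResultSet rs) throws SQLException {
        // Read as double: the original getFloat() only has ~7 significant digits, which rounds
        // current unix timestamps to roughly two-minute steps.
        double ageSeconds = (System.currentTimeMillis() / 1000) - rs.getDouble("timestamp");
        // Same test as the original (age / 60 / 60 > lifetime), written without the division.
        return ageSeconds > Termbin.getConfig().getInt("uploadlifetime") * SECONDS_PER_HOUR;
    }

    /**
     * Writes one stored row to the response: {@code text/plain} rows from the {@code text}
     * column as UTF-8, everything else as the raw bytes of {@code rawData}.
     *
     * @throws IOException  if writing the body fails
     * @throws SQLException if a column cannot be read
     */
    private static void writeRecord(ResultSet rs, HttpServletResponse response)
            throws IOException, SQLException {
        String fileType = rs.getString("filetype");
        // NOTE(review): filetype is served as stored. If it originates from the uploader, an
        // allow-list of types (or X-Content-Type-Options: nosniff / Content-Disposition) would keep a
        // stored paste from being rendered as HTML on this origin — confirm against the upload handler.
        response.setContentType(fileType);
        // Constant-first equals is null-safe; the original dereferenced a possibly-null filetype.
        if ("text/plain".equals(fileType)) {
            response.getOutputStream().write(rs.getString("text").getBytes(StandardCharsets.UTF_8));
        } else {
            byte[] raw = rs.getBytes("rawData");
            response.setContentLength(raw.length);
            response.getOutputStream().write(raw);
        }
    }

    /**
     * Writes the http.cat image page used for error responses and sets the given status.
     *
     * @param response response to write to
     * @param status   HTTP status code; also selects the image (e.g. 404, 500)
     * @throws IOException if writing the body fails
     */
    private static void writeStatusPage(HttpServletResponse response, int status) throws IOException {
        response.setStatus(status);
        response.setContentType("text/html");
        String page = "<html><body><img src='https://http.cat/" + status + "'/></body></html>";
        response.getOutputStream().write(page.getBytes(StandardCharsets.UTF_8));
    }

    /** Logger named after the runtime class, matching the original per-call lookup. */
    private Logger log() {
        return Logger.getLogger(getClass().getName());
    }
}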