<%@page import="jcms.util.SafeUtil"%>
<%@page contentType="text/html;charset=UTF-8"%><%@page 
import="jcms.blf.webinfo.Jcms_WebinfomationBLF"%><%@
page import="com.hanweb.common.util.Convert"%><%@
page import="java.io.File"%><%@
page import="com.hanweb.common.log.LogWriter"%><%@
page import="jcms.blf.medium.Jcms_AttachBLF"%><%@
page import="jcms.entity.Jcms_AttachEntity"%>
<%@page import="java.net.URLEncoder"%>
<%@page import="java.util.regex.Pattern"%>
<%@page import="java.util.regex.Matcher"%>
<jsp:useBean id="xmlFile" class="jcms.allmodal.XMLFile" scope="page" />
<%@include file="./config.jsp"%>
<%
	String strFileName = Convert.getParameter(request, "filename", "", true, true);
	if(SafeUtil.isSqlAndXss(strFileName)) {
		out.println("参数包含非法字符，禁止访问");
		return;
	}
	strFileName = strFileName.replaceAll("\\\\","/");
	strFileName = strFileName.replaceAll("\\.\\./", "");
	strFileName = strFileName.replaceAll("\\./", "");

	String i_classid = Convert.getParameter(request, "classid", "", true, true);
	if (strFileName.length() == 0) {
		LogWriter.debug("未指定要下载文件的文件名!");
		return;
	}
	//String reg = "^[0-9a-zA-Z]+(\\.[0-9a-zA-Z]+)?$";
	//Pattern p = Pattern.compile(reg, Pattern.CASE_INSENSITIVE);
	//Matcher m = p.matcher(strFileName);
	//boolean result = m.find();
	//if(!result){
	//	return;
	//}
	
	Jcms_AttachBLF attachBlf = new Jcms_AttachBLF(strAppID,strWebID);
	Jcms_AttachEntity attachEn = attachBlf.getEntityByFileName(strFileName);
	if (attachEn == null) {
		if ("".equals(i_classid)){
			out.println(Convert.getAlterScript("alert('文件不存在!');"));
			return;
		}else{
			//数据移植直接放进去的附件，没有入库
			String strFilePath = application.getRealPath("") + "/jcms_files/jcms"
			+ strAppID + "/web" + strWebID + "/site/attach/"
			+ i_classid + "/" + strFileName;//物理路径
			File file = new File(strFilePath);
			if (file.exists()){
				attachEn = new Jcms_AttachEntity();
				attachEn.setVc_name(strFileName);
				attachEn.setI_typeid(Convert.getStringValueInt(i_classid));
			}else{
				out.println(Convert.getAlterScript("alert('文件不存在!');"));
				return;
			}
		}
	}

	String fileType = "";
	if(strFileName.lastIndexOf(".") >= 0 && strFileName.lastIndexOf(".") < strFileName.length() - 1 ){
	    fileType = strFileName.substring(strFileName.lastIndexOf(".") + 1);
	}
	
	int classId = attachEn.getI_typeid();//类别ID
	String downloadname = attachEn.getVc_name();//下载显示名
	String strFilePath = application.getRealPath("") + "/jcms_files/jcms"
	+ strAppID + "/web" + strWebID + "/site/attach/"
	+ classId + "/" + strFileName;//物理路径
 	
	
	File file = new File(strFilePath);
	if (!file.isFile() || !file.exists() || strFilePath.toLowerCase().endsWith(".xml") 
			|| strFilePath.toLowerCase().endsWith(".jsp")) {
		LogWriter.debug(" downfile:文件不存在!");
		out.println(Convert.getAlterScript("alert('下载失败，文件不存在！');"));
		return;
	}
	

	String webPath = application.getRealPath("") + File.separator + "jcms_files" + File.separator + "jcms" + 
					strAppID + File.separator	+ "web" + strWebID + File.separator	+"site"+File.separator;
	String confPath = webPath + "module" + File.separator + "download" + File.separator + "config" + File.separator + "config.xml";
	String webtype = xmlFile.getContent( "webtype",confPath );		//1:内网 2:外网
	
	String filedownload = "/jcms_files/jcms" + strAppID + "/web" + strWebID + "/site/attach/" + classId + "/" + strFileName;//下载路径
	
	/* response.setContentType("application/octet-stream");//设置为下载application/octet-stream    
	String filenamedisplay = "";    
	String userAgent = request.getHeader("USER-AGENT");
	if(userAgent.lastIndexOf("Safari") > -1 && userAgent.lastIndexOf("Chrome") == -1) {
		filenamedisplay = new String(downloadname.getBytes("UTF-8"),"ISO8859-1") ;
	}else{
		filenamedisplay = URLEncoder.encode(downloadname,"UTF-8");
	}

	response.addHeader("Content-Disposition","attachment;filename=" + filenamedisplay);     */
	//pdf文件在文章页中直接预览
	String filenamedisplay = "";    
	String userAgent = request.getHeader("USER-AGENT");
	if(userAgent.lastIndexOf("Safari") > -1 && userAgent.lastIndexOf("Chrome") == -1) {
		filenamedisplay = new String(downloadname.getBytes("UTF-8"),"ISO8859-1") ;
	}else if(userAgent.toLowerCase().lastIndexOf("firefox") >-1 && userAgent.lastIndexOf("Chrome") == -1 ){
		filenamedisplay = new String(downloadname.getBytes("UTF-8"),"ISO8859-1") ;
	}else{
		filenamedisplay = URLEncoder.encode(downloadname,"UTF-8");
	}

	if(!"pdf".equals(fileType)){
		response.setContentType("application/octet-stream");//设置为下载application/octet-stream    
		response.addHeader("Content-Disposition","attachment;filename=" + filenamedisplay);
	}
	else{
		response.addHeader("Content-Disposition","filename=" + filenamedisplay);
	}
	try{   
		out.clear();    
		out=pageContext.pushBody(); 
	}catch(Throwable e){
		
	}
	try {    
		RequestDispatcher dis = application.getRequestDispatcher(filedownload);
		if(dis!= null){    
			dis.forward(request,response);
		}
	}
	catch(Exception e){
		
	}    
	finally{    
		response.flushBuffer();   
	}
%>