也是一个朋友要求帮忙,在整个网站的访问期间要过滤掉例如“法轮功”的非法字符,所以帮忙写了个。一下是一个测试的源程序。tomcat 5.0.28 , windows 2000 sp4 , jdk1.4中测试通过 Eclipse下工程源码下载(将文件后面的.jpg去掉即可,是个压缩包)
/**
* @author 李国庆
* @company leemenz (C) copyright
* @time Dec 18, 2006 2:08:18 PM
* @version 1.0.0.0
* @package com
*/
package com;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
/**
* @author Administrator
*
* 这个过滤器用来过滤黑名单中的用户不能留言
*
*/
public class NoteFilter implements Filter {
private FilterConfig config = null;
private String blackList = null;
/*
* (non-Javadoc)
*
* @see javax.servlet.Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
config = null;
}
/*
* (non-Javadoc)
*
* @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest,
* javax.servlet.ServletResponse, javax.servlet.FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
String username = request.getParameter(“username”);
if (username != null)
username = new String(request.getParameter(“username”).getBytes(
“ISO8859-1”), “GB2312”);
if (username != null && username.indexOf(blackList) != -1) {
response.setContentType(“text/html;charset=GB2312”);
PrintWriter out = response.getWriter();
out.println(“
out.println(“
对不起,” + username + “,您没有留言的权限!”);
out.println(“
“);
out.flush();
return;
}
long before = System.currentTimeMillis();
config.getServletContext()
.log(“NoteFilter:before call chain.Filter();”);
chain.doFilter(request, response);
config.getServletContext().log(“NoteFilter:after call chain.Filter();”);
long end = System.currentTimeMillis();
String name = “”;
if (request instanceof javax.servlet.http.HttpServletRequest) {
name = ((HttpServletRequest) request).getRequestURI();
}
config.getServletContext().log(
“NoteFilter ” + name + ” : ” + (end – before) + ” ms”);
}
/*
* (non-Javadoc)
*
* @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
*/
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
this.config = arg0;
this.blackList = config.getInitParameter(“blackList”);
}
}
/**
* @author 李国庆
* @company leemenz (C) copyright
* @time Dec 18, 2006 2:08:18 PM
* @version 1.0.0.0
* @package com
*/
package com;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/*
*测试页面
*/
public class NoteServlet extends HttpServlet {
public static final String CONTENT_TYPE = “text/html;charset=GB2312”;
/**
* Constructor of the object.
*/
public NoteServlet() {
super();
}
/**
* Destruction of the servlet.
*/
public void destroy() {
super.destroy(); // Just puts “destroy” string in log
// Put your code here
}
/**
* The doDelete method of the servlet.
*
* This method is called when a HTTP delete request is received.
*
* @param request
* the request send by the client to the server
* @param response
* the response send by the server to the client
* @throws ServletException
* if an error occurred
* @throws IOException
* if an error occurred
*/
public void doDelete(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
// Put your code here
}
/**
* The doGet method of the servlet.
*
* This method is called when a form has its tag value method equals to get.
*
* @param request
* the request send by the client to the server
* @param response
* the response send by the server to the client
* @throws ServletException
* if an error occurred
* @throws IOException
* if an error occurred
*/
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType(CONTENT_TYPE);
ServletOutputStream out = response.getOutputStream();
out
.println(“___SIMPLE_HTML_DOM__VOKU__AMP____#92;"-//W3C//DTD HTML 4.01 Transitional//EN\">“);
out.println(““);
out.println(”
out.println(” “);
String name = request.getParameter(“username”);
String content = request.getParameter(“content”);
if (name != null)
name = new String(name.getBytes(“ISO-8859-1”), “GB2312”);
if (content != null)
content = new String(content.getBytes(“ISO-8859-1”), “GB2312”);
if (content != null)
out.println(“
” + name + “的留言为:” + content);
out.println(“
+ request.getContextPath() + “/servlet/NoteServlet\”>”);out.println(“姓名:“);
out
.println(“内容:“);
out.println(““);
out.println(““);
out.println(” “);
out.println(““);
out.flush();
out.close();
}
/**
* The doPost method of the servlet.
*
* This method is called when a form has its tag value method equals to
* post.
*
* @param request
* the request send by the client to the server
* @param response
* the response send by the server to the client
* @throws ServletException
* if an error occurred
* @throws IOException
* if an error occurred
*/
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
/**
* Initialization of the servlet.
*
* @throws ServletException
* if an error occure
*/
public void init() throws ServletException {
// Put your code here
}
}
/**
* @author 李国庆
* @company leemenz (C) copyright
* @time Dec 18, 2006 3:58:53 PM
* @version 1.0.0.0
* @package com
*/
package com;
import java.io.IOException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
/**
* @author Administrator
* 这个类继承HttpServletResponseWrapper ,并重写相应的方法
*/
public class ReplaceServletWapper extends HttpServletResponseWrapper {
private ReplaceTextStream tpStream;
/**
* @param arg0
*/
public ReplaceServletWapper(HttpServletResponse arg0, String searchText,
String replaceText) throws IOException {
// TODO Auto-generated constructor stub
super((HttpServletResponse)arg0);
tpStream = new ReplaceTextStream(arg0.getOutputStream(),searchText,replaceText);
}
public ServletOutputStream getOutputStream() throws IOException {
return tpStream;
}
}
/**
* @author 李国庆
* @company leemenz (C) copyright
* @time Dec 18, 2006 2:08:18 PM
* @version 1.0.0.0
* @package com
*/
package com;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
/**
* @author Administrator
*
* 这个类用来过滤留言或者是用户名中的非法内容
*
*/
public class ReplaceTextFilter implements Filter {
private FilterConfig config;
private String searchStr;
private String replaceStr;
/*
* (non-Javadoc)
*
* @see javax.servlet.Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
config = null;
}
/*
* (non-Javadoc)
*
* @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest,
* javax.servlet.ServletResponse, javax.servlet.FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
ReplaceServletWapper myWrappered = new ReplaceServletWapper(
(HttpServletResponse) response, searchStr, replaceStr);
config.getServletContext().log(
“ReplaceTextFilter : before called doFilter”);
chain.doFilter(request, myWrappered);
config.getServletContext().log(
“ReplaceTextFilter : after called doFilter”);
myWrappered.getOutputStream().close();
}
/*
* (non-Javadoc)
*
* @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
*/
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
this.config = arg0;
this.searchStr = config.getInitParameter(“search”);
this.replaceStr = config.getInitParameter(“replace”);
}
}
/**
* @author 李国庆
* @company leemenz (C) copyright
* @time Dec 18, 2006 3:33:51 PM
* @version 1.0.0.0
* @package com
*/
package com;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import javax.servlet.ServletOutputStream;
/**
* @author Administrator
* 这个类继承ServletOutputStream ,并重写相应的方法
*/
public class ReplaceTextStream extends ServletOutputStream {
private OutputStream intStream;
private ByteArrayOutputStream baStream;
private boolean closed = false;
private String newStr;
private String oldStr;
/**
*
*/
public ReplaceTextStream(OutputStream outStream, String strSearch,
String strReplace) {
// TODO Auto-generated constructor stub
intStream = outStream;
baStream = new ByteArrayOutputStream();
oldStr = strSearch;
newStr = strReplace;
}
/*
* (non-Javadoc)
*
* @see java.io.OutputStream#write(int)
*/
public void write(int b) throws IOException {
// TODO Auto-generated method stub
baStream.write(b);
}
/**
* 重写方法
*/
public void println(String s) throws IOException {
s = s + “\n”;
byte[] bs = s.getBytes();
baStream.write(bs);
}
/**
* 重写方法
*/
public void close() throws IOException {
if (!closed) {
processStream();
intStream.close();
closed = true;
}
}
/**
* 重写方法
*/
public void flush() throws IOException {
if (baStream.size() != 0) {
processStream();
baStream = new ByteArrayOutputStream();
}
}
/**
* 重写 processStream 方法
*
* @throws IOException
*/
public void processStream() throws IOException {
intStream.write(replaceContent(baStream.toByteArray()));
}
/**
* 替换所有的目的词语
*
* @param inBytes
* @return
*/
public byte[] replaceContent(byte[] inBytes) {
String retVal = “”;
String tpString = new String(inBytes);
String srchString = (new String(inBytes)).toLowerCase();
int endBody = srchString.indexOf(oldStr);
if (endBody != -1) {
retVal = tpString.replaceAll(oldStr, newStr);
} else
retVal = tpString;
return retVal.getBytes();
}
}
xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”
xsi:schemaLocation=”http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd”>
另外,要看到日志的输出信息,必须确保在server.xml文件中有如下代码:
timestamp=”true”/>
enjoy it!!! 🙂
