4.2.2創建過濾器類 · JavaWeb項目開發學習手冊

### 1.字符編碼過濾器類 ``` package com.baishenghua200.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.annotation.WebInitParam; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * CharacterEncodingFilter300.java(字符編碼過濾器類) * @desc 主要統一字符編碼 * @author 柏圣華 * @date 2021-10-21 * */ @WebFilter(urlPatterns="/*",initParams= {@WebInitParam(name="CharsetEncoding",value="utf-8")}) public class CharacterEncodingFilter200 implements Filter { private static String encoding;//定義變量接收初始化的值 /** * Default constructor. */ public CharacterEncodingFilter200() { } public void destroy() { } public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest)req; HttpServletResponse response = (HttpServletResponse)res; //設置字符編碼鏈鎖 request.setCharacterEncoding(encoding); response.setCharacterEncoding(encoding); if(encoding != null) { chain.doFilter(request, response); } } public void init(FilterConfig fConfig) throws ServletException { //接收web.xml配置文件中或者注解中的初始參數 encoding = fConfig.getInitParameter("CharsetEncoding"); } } ``` ### 2.用戶登錄權限驗證過濾器類 ``` package com.baishenghua200.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; @WebFilter("/*") public class LoginFilter200 implements Filter { public void destroy() { } public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { System.out.println(req); // 0.強制轉換 HttpServletRequest request = (HttpServletRequest) req; // 1.獲取資源請求路徑 String uri = request.getRequestURI(); // 2.判斷是否包含登錄相關資源路徑,要注意排除掉 css/js/圖片/驗證碼等資源 if (uri.contains("/login.jsp") || uri.contains("/LoginServlet200") || uri.contains("/css/") || uri.contains("/js/") || uri.contains("/fonts/") || uri.contains("/images/") || uri.contains("/CheckCode200") || uri.contains("/IndexServlet200") || uri.contains("/index.jsp") || uri.contains("/index200.jsp") || uri.contains("/about.jsp") || uri.contains("/news.jsp") || uri.contains("/contact.jsp") || uri.contains("/portfolio.jsp") || uri.contains("/product.jsp") || uri.contains("/server.jsp") || uri.contains("/talent.jsp") || uri.contains("/online.jsp")) { // 包含，用戶就是想登錄。放行 chain.doFilter(req, resp); } else { // 不包含，需要驗證用戶是否登錄 // 3.從獲取session中獲取user Object user = request.getSession().getAttribute("user"); if (user != null) { // 登錄了。放行 chain.doFilter(request, resp); } else { // 沒有登錄。跳轉登錄頁面 request.setAttribute("login_msg", "您尚未登錄，請登錄"); request.getRequestDispatcher("/Manager/login.jsp").forward(request, resp); } } } public void init(FilterConfig fConfig) throws ServletException { } } ``` ### 3.敏感詞匯過濾器類 ``` package com.baishenghua200.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import java.io.BufferedReader; import java.io.FileReader; import java.io.IOException; import java.lang.reflect.InvocationHandler; import java.lang.reflect.Method; import java.lang.reflect.Proxy; import java.util.ArrayList; import java.util.List; /** * 敏感詞匯過濾器 */ @WebFilter("/*") public class SensitiveWordsFilter200 implements Filter { public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException { //1.創建代理對象，增強getParameter方法 ServletRequest proxy_req = (ServletRequest) Proxy.newProxyInstance(req.getClass().getClassLoader(), req.getClass().getInterfaces(), new InvocationHandler() { @Override public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { //增強getParameter方法 //判斷是否是getParameter方法 if(method.getName().equals("getParameter")){ //增強返回值 //獲取返回值 String value = (String) method.invoke(req,args); if(value != null){ for (String str : list) { if(value.contains(str)){ value = value.replaceAll(str,"***"); } } } return value; } //判斷方法名是否是 getParameterMap //判斷方法名是否是 getParameterValue return method.invoke(req,args); } }); //2.放行 chain.doFilter(proxy_req, resp); } private List<String> list = new ArrayList<String>();//敏感詞匯集合 public void init(FilterConfig config) throws ServletException { try{ //1.獲取文件真實路徑 ServletContext servletContext = config.getServletContext(); String realPath = servletContext.getRealPath("/WEB-INF/classes/敏感詞匯.txt"); //2.讀取文件 BufferedReader br = new BufferedReader(new FileReader(realPath)); //3.將文件的每一行數據添加到list中 String line = null; while((line = br.readLine())!=null){ list.add(line); } br.close(); System.out.println(list); }catch (Exception e){ e.printStackTrace(); } } public void destroy() { } } ```