The work of these days is mainly uploaded around the file (mainly pictures) and can be integrated online and HTML editor. It is easy to operate with the currently referenced online picture. I have a little little reading this thing, but I don't make sense: I used servlet before, where the core DOUPLOADBEAN is also working; secondly to the editor, doing the private blog of using PHP Over, you can't see something particularly difficult. However, it is actually discovered after the development, and the simplicity of the upload is easy, but it is necessary to reasonably arrange the uploaded strategy. Because the upload itself is very dangerous, this is actually a mouthful of mouth; allowing customers to do facts to act on the server, uploading attacks are not a difficult, not a rare thing; you can want to see the system Open, this type of attack will inevitably happen.
On the other hand, at the same time, it is necessary to consider the later management at the same time, because even in the user's local, the biggest hard disk will not take it for a long time, it will not be clear, what is the garbage, not to mention now It is a server that allows many people to use at the same time. If there is no precise strategy, how long it can't spend, the customer's upload file will explode. Just a week, a friend helped me, saying that their database reached 30g, eating the hard disk, and the result was dead; on this, I can only love Mo Can, because, most of them can be sure Garbage, but nothing is garbage, what is necessary. Because they lack a strategy. Moreover, even if the user is not malicious, most of the situation, the hard disk will also be full, if this is a system disk, usually means that crash, visible, must use the connection to upload upload Another dedicated partition to ensure safety. Usually Iron Quota is here to send it. Because it is necessary to combine the web account with the operating system account, which is both complex and dangerous, and there is no need. At the same time, if the file uploaded file is not given to each user, it should be an additional prefix before the name of each user, which is for identification; so, in case of cleanup, with the document date, you can use Find / GREP / RM The combined script is backed up or cleared, at least possible. There are other factors, causing the actual operation of uploading files to be much larger than the simplicity of a file, which mainly includes permission control, (Considering the attack can be attacked, this is careful), file management And modify attributes, including size, type limit, easy to modify storage methods, etc. In fact, in order, in case, the uploading portion only spends only five lines, and management is not less than 50 lines. It is no longer necessary to write into the input, even if you have no accumulation, you can find an open source code from the Internet, like Jakarta Commons Upload is one. There is no example of this thing. Most of the examples are running, not the monsters, but this thing not only does not have any documents, but also change the methods and classes: examples of UPLOAD actually DiskUpload, and what is the difference between current UPLOAD, why can I save the amount of memory consumption, I can't find any explanation. Although the code is prejudice to the code, because my code cannot handle multiple file uploads, though, this situation is actually very small, but I have never understood what way can I identify more than one upload request, this means I still have an independent understanding of RFC1864. Since there is a more reliable stuff, I don't want to be too eccentric. As a result, I have been completely buried with DouploadBean for a few years. When the selection is to use JSP or servlet processing, it is obvious that the servlet is more specified in both, but is quite inconvenient in permission control, because the identification variable must be obtained through the request, which means that the client counterfeit variable is directly submitted The possibility of upload ensures that the correct identification means a lot of code. I finally decided to adopt a way to replace servlet from a JSP label inventions (see "You can use multiple JSP tags to achieve similar servlet effects").
The results show that this is indeed a good way to have JSP / servlet / javabean advantages, especially the modification is very easy, I changed a idea to open a directory with the user name, just change the label, a defined attribute is proper, this is really Ease of use. The final method is simple:
In this way, the SaveUpload tag automatically detects permissions, and allows the members to upload them according to the management group defined in the department, uploaded to the dedicated directory established in the UPLoad directory under the department, while the replication file name uses the theme name The client is embedded in the text being edited.
In this way, the upload really becomes a component that can be freely used.
