5.Struts2的OGNL表达式
Posted 红酒人生
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了5.Struts2的OGNL表达式相关的知识,希望对你有一定的参考价值。
1.创建javaweb项目Struts2_Part4_OGNL并在WebRoot下的WEB-INF下的lib文件夹下添加如下jar文件
1 commons-fileupload-1.2.1.jar 2 3 commons-io-1.3.2.jar 4 5 freemarker-2.3.15.jar 6 7 mybatis-3.2.2.jar 8 9 ognl-2.7.3.jar 10 11 ojdbc14.jar 12 13 struts2-core-2.1.8.1.jar 14 15 xwork-core-2.1.6.jar
2.在src下创建struts.xml文件
1 <?xml version="1.0" encoding="UTF-8"?> 2 <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.1.7//EN" "struts-2.1.7.dtd" > 3 <struts> 4 <!-- 中文乱码处理 --> 5 <constant name="struts.i18n.encoding" value="UTF-8"/> 6 <package name="default" namespace="/" extends="struts-default"> 7 <!-- 全局配置 --> 8 <global-results> 9 <result name="error">error.jsp</result> 10 </global-results> 11 12 <!-- 时间格式化配置 --> 13 <action name="currentDate" class="com.action.DateFormatAction" method="getFormateDate"> 14 <result name="success">ognldemo.jsp</result> 15 </action> 16 17 <!-- Student的控制器的配置 --> 18 <action name="student" class="com.action.StudentAction" method="getInfo"> 19 <result name="success">index.jsp</result> 20 </action> 21 22 <!-- 详细信息的控制器的配置 --> 23 <action name="stuinfo" class="com.action.StuInfoAction" method="getInfo"> 24 <result name="success">success.jsp</result> 25 </action> 26 </package> 27 </struts>
3.在src下的com.entity包下创建Student.java文件
1 package com.entity; 2 3 public class Student { 4 private Integer sid; 5 private String sname; 6 7 8 public Student() { 9 } 10 public Student(Integer sid, String sname) { 11 this.sid = sid; 12 this.sname = sname; 13 } 14 public Integer getSid() { 15 return sid; 16 } 17 public void setSid(Integer sid) { 18 this.sid = sid; 19 } 20 public String getSname() { 21 return sname; 22 } 23 public void setSname(String sname) { 24 this.sname = sname; 25 } 26 @Override 27 public String toString() { 28 return "Student [sid=" + sid + ", sname=" + sname + "]"; 29 } 30 }
4.在src下的com.action包下创建StudentAction.java文件
1 package com.action; 2 3 import com.entity.Student; 4 import com.opensymphony.xwork2.ActionSupport; 5 6 public class StudentAction extends ActionSupport { 7 8 9 10 @Override 11 public String execute() throws Exception { 12 13 return ERROR; 14 } 15 16 private Student stu; 17 public String getInfo(){ 18 stu=new Student(1, "胡淑红"); 19 return SUCCESS; 20 } 21 22 public Student getStu() { 23 return stu; 24 } 25 26 public void setStu(Student stu) { 27 this.stu = stu; 28 } 29 30 }
5.在src下的com.action包下创建StuInfoAction.java文件
1 package com.action; 2 3 import java.util.ArrayList; 4 import java.util.List; 5 6 import com.entity.Student; 7 import com.opensymphony.xwork2.ActionSupport; 8 9 public class StuInfoAction extends ActionSupport{ 10 private String[] ah; 11 private List<Student> list; 12 public String getInfo(){ 13 if(ah!=null){ 14 System.out.println("爱好是:"); 15 for (int i = 0; i < ah.length; i++) { 16 System.out.print(ah[i]+","); 17 } 18 }else{ 19 System.out.println("没有获取参数"); 20 list=new ArrayList<Student>(); 21 Student stu=new Student(1, "holly"); 22 list.add(stu); 23 } 24 25 return SUCCESS; 26 } 27 28 public String[] getAh() { 29 return ah; 30 } 31 32 public void setAh(String[] ah) { 33 this.ah = ah; 34 } 35 36 public List<Student> getList() { 37 return list; 38 } 39 40 public void setList(List<Student> list) { 41 this.list = list; 42 } 43 }
6.在src下的com.action包下创建DateFormatAction.java文件
1 package com.action; 2 3 import java.util.Date; 4 5 import com.opensymphony.xwork2.ActionSupport; 6 7 public class DateFormatAction extends ActionSupport { 8 //1.定义私有的Date类型的对象 9 private Date currentDate; 10 //2.action核心处理业务的方法 11 public String getFormateDate(){ 12 13 //创建Date对象,也就是给成员对象赋值 14 currentDate=new Date(); 15 System.out.println("系统时间:"+currentDate); 16 return SUCCESS; 17 } 18 //3.代理对象使用的getter和setter 19 public Date getCurrentDate() { 20 return currentDate; 21 } 22 public void setCurrentDate(Date currentDate) { 23 this.currentDate = currentDate; 24 } 25 }
7.在WebRoot下的WEB-INF下web.xml文件
1 <?xml version="1.0" encoding="UTF-8"?> 2 <web-app version="2.5" 3 xmlns="http://java.sun.com/xml/ns/javaee" 4 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 5 xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 6 http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> 7 <filter> 8 <filter-name>struts2</filter-name> 9 <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class> 10 </filter> 11 <filter-mapping> 12 <filter-name>struts2</filter-name> 13 <url-pattern>/*</url-pattern> 14 15 </filter-mapping> 16 <welcome-file-list> 17 <welcome-file>ognldemo.jsp</welcome-file> 18 </welcome-file-list> 19 </web-app>
8.在WebRoot下创建ognldemo.jsp文件
1 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> 2 <%@taglib uri="/struts-tags" prefix="s" %> 3 <% 4 String path = request.getContextPath(); 5 String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; 6 %> 7 8 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 9 <html> 10 <head> 11 <base href="<%=basePath%>"> 12 13 <title>My JSP \'index.jsp\' starting page</title> 14 <meta http-equiv="pragma" content="no-cache"> 15 <meta http-equiv="cache-control" content="no-cache"> 16 <meta http-equiv="expires" content="0"> 17 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> 18 <meta http-equiv="description" content="This is my page"> 19 <!-- 20 <link rel="stylesheet" type="text/css" href="styles.css"> 21 --> 22 </head> 23 24 <body> 25 <!-- 在request作用域里设置age变量,值为18 --> 26 <s:set name="age" value="18" scope="request"/> 27 28 <!-- 直接输出request作用域变量的值 --> 29 <s:property value="#request.age"/> 30 <s:property value="#attr.age"/> 31 32 <!-- 在session作用域里设置name变量,值为holly --> 33 <s:set name="sname" value="\'holly\'" scope="session"/> 34 35 <!-- 直接输出session作用域变量的值 --> 36 <s:property value="#session.sname"/> 37 <s:property value="#attr.sname"/> 38 39 <!-- 在application作用域里设置sex变量,值为女 --> 40 <s:set name="sex" value="\'女\'" scope="application"/> 41 42 <!-- 直接输出session作用域变量的值 --> 43 <s:property value="#application.sex"/> 44 <s:property value="#attr.sex"/> 45 46 <!-- 格式化后台action发过来的Date类型的系统时间 --> 47 格式化的时间:<s:date name="currentDate" format="dd/MM/yyyy"/> 48 没有格式化:<s:date name="currentDate" /> 49 50 </body> 51 </html>
9.在WebRoot下创建index.jsp文件
1 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> 2 <%@taglib uri="/struts-tags" prefix="s" %> 3 <% 4 String path = request.getContextPath(); 5 String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; 6 %> 7 8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 9 <html> 10 <head> 11 <base href="<%=basePath%>"> 12 13 <title>My JSP \'index.jsp\' starting page</title> 14 <meta http-equiv="pragma" content="no-cache"> 15 <meta http-equiv="cache-control" content="no-cache"> 16 <meta http-equiv="expires" content="0"> 17 <meta http-equiv="keywords" content以上是关于5.Struts2的OGNL表达式的主要内容,如果未能解决你的问题,请参考以下文章S2-053:Apache Struts2远程代码执行漏洞(中危)