You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by ja...@apache.org on 2012/05/07 16:46:08 UTC

svn commit: r1335047 - in /ofbiz/trunk: framework/common/src/org/ofbiz/common/ specialpurpose/ecommerce/webapp/ecommerce/customer/ specialpurpose/myportal/script/org/ofbiz/myportal/ specialpurpose/myportal/widget/

Author: jacopoc
Date: Mon May  7 14:46:07 2012
New Revision: 1335047

URL: http://svn.apache.org/viewvc?rev=1335047&view=rev
Log:
First pass in fixing the buggy code for captcha support; this is a first pass (the next one will probably be to save the image in the session rather than in the file system); the main problems fixed are related to concurrent access: the class was not thread safe and this, especially in servers with high traffic, could cause a series of issues like:
* captcha images created and then lost
* captcha images created in the wrong location (for example out of the OFBiz folder)
* the folder runtime/tempfiles/captcha could be locked


Modified:
    ofbiz/trunk/framework/common/src/org/ofbiz/common/Captcha.java
    ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/customer/AnonContactus.ftl
    ofbiz/trunk/specialpurpose/myportal/script/org/ofbiz/myportal/Events.xml
    ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaCode.ftl
    ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaImage.ftl

Modified: ofbiz/trunk/framework/common/src/org/ofbiz/common/Captcha.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/Captcha.java?rev=1335047&r1=1335046&r2=1335047&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/src/org/ofbiz/common/Captcha.java (original)
+++ ofbiz/trunk/framework/common/src/org/ofbiz/common/Captcha.java Mon May  7 14:46:07 2012
@@ -38,12 +38,13 @@ import org.ofbiz.base.util.UtilDateTime;
 
 public class Captcha {
 
-    public static String ID_KEY = null;
-    public static String CAPTCHA_FILE_NAME = null;
-    public static String CAPTCHA_FILE_PATH = null;
+    public static final String CAPTCHA_FILE_PATH = System.getProperty("ofbiz.home") + File.separator + "runtime" + File.separator + "tempfiles" + File.separator + "captcha" + File.separator;
 
-    public static String getCodeCaptcha(HttpServletRequest request,HttpServletResponse response) {
-        if (CAPTCHA_FILE_PATH != null) deleteFile();
+    public static String getCodeCaptcha(HttpServletRequest request, HttpServletResponse response) {
+        File test = new File(CAPTCHA_FILE_PATH);
+        if (!test.exists()) {
+            test.mkdir();
+        }
         StringBuilder finalString = new StringBuilder();
         String elegibleChars = "ABCDEFGHJKLMPQRSTUVWXYabcdefhjkmnpqrstuvwxy23456789";
         int charsToPrint = 6;
@@ -55,20 +56,15 @@ public class Captcha {
             char characterToShow = chars[randomIndex];
             finalString.append(characterToShow);
         }
-        ID_KEY = finalString.toString();
-        if (createImageCaptcha (request,response)) return "success";
-        return "error";
-    }
+        String idKey = finalString.toString();
 
-    public static boolean createImageCaptcha (HttpServletRequest request,HttpServletResponse response) {
         try {
-            //It is possible to pass the font size, image width and height with the request as well
+            // It is possible to pass the font size, image width and height with the request as well
             Color backgroundColor = Color.gray;
             Color borderColor = Color.DARK_GRAY;
             Color textColor = Color.ORANGE;
             Color circleColor = new Color(160, 160, 160);
             Font textFont = new Font("Arial", Font.PLAIN, paramInt(request, "fontSize", 22));
-            int charsToPrint = 6;
             int width = paramInt(request, "width", 149);
             int height = paramInt(request, "height", 40);
             int circlesToDraw = 6;
@@ -97,7 +93,7 @@ public class Captcha {
             int fontHeight = fontMetrics.getHeight();
 
             //We are not using certain characters, which might confuse users
-            String characterToShow = ID_KEY;
+            String characterToShow = idKey;
             float spaceForLetters = -horizMargin * 2 + width;
             float spacePerChar = spaceForLetters / (charsToPrint - 1.0f);
 
@@ -134,40 +130,16 @@ public class Captcha {
             g.setColor(borderColor);
             g.drawRect(0, 0, width - 1, height - 1);
             g.dispose();
-            Captcha.writeImage(bufferedImage, request);
 
-        } catch (Exception ioe) {
-            return false;
-        }
-        //Adding this because we called response.getOutputStream() above. This will prevent and illegal state exception being thrown
-        return true;
-    }
+            String captchaFileName = UtilDateTime.nowAsString().concat(".jpg");
+            request.setAttribute("captchaFileName", "/tempfiles/captcha/" + captchaFileName);
+            request.setAttribute("ID_KEY", idKey);
+            ImageIO.write(bufferedImage, "jpg", new File(CAPTCHA_FILE_PATH + captchaFileName));
 
-    public static void writeImage(BufferedImage image, HttpServletRequest request)
-    {
-        try {
-            String FILE_PATH = File.separator + "runtime" + File.separator + "tempfiles" + File.separator + "captcha" + File.separator;
-            String URL_FILE_PATH = "/tempfiles/captcha/";
-            CAPTCHA_FILE_PATH = new File(".").getCanonicalPath();
-            CAPTCHA_FILE_PATH += FILE_PATH;
-            File test = new File(CAPTCHA_FILE_PATH);
-            if (!test.exists()) {
-                test.mkdir();
-            }
-            CAPTCHA_FILE_NAME = UtilDateTime.nowAsString().concat(".jpg");
-            request.setAttribute("captchaFileName", URL_FILE_PATH + CAPTCHA_FILE_NAME);
-            request.setAttribute("ID_KEY", ID_KEY);
-            ImageIO.write(image, "jpg", new File(CAPTCHA_FILE_PATH + CAPTCHA_FILE_NAME));
-        } catch (IOException e) {
-            return;
-        }
-    }
-
-    public static void deleteFile() {
-        if (CAPTCHA_FILE_PATH != null) {
-               File file = new File(CAPTCHA_FILE_PATH);
-               file.delete();
+        } catch (Exception ioe) {
+            return "error";
         }
+        return "success";
     }
 
     public static String paramString(HttpServletRequest request, String paramName,

Modified: ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/customer/AnonContactus.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/customer/AnonContactus.ftl?rev=1335047&r1=1335046&r2=1335047&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/customer/AnonContactus.ftl (original)
+++ ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/customer/AnonContactus.ftl Mon May  7 14:46:07 2012
@@ -132,4 +132,4 @@ under the License.
         </form>
     </div>
 </#if>
-</div>
\ No newline at end of file
+</div>

Modified: ofbiz/trunk/specialpurpose/myportal/script/org/ofbiz/myportal/Events.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/myportal/script/org/ofbiz/myportal/Events.xml?rev=1335047&r1=1335046&r2=1335047&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/myportal/script/org/ofbiz/myportal/Events.xml (original)
+++ ofbiz/trunk/specialpurpose/myportal/script/org/ofbiz/myportal/Events.xml Mon May  7 14:46:07 2012
@@ -137,6 +137,5 @@ under the License.
             </else>
         </if-compare>
         <check-errors error-list-name="error_list" error-code="resultPage"/>
-        <call-class-method class-name="org.ofbiz.common.Captcha" method-name="deleteFile"/>
     </simple-method>
 </simple-methods>

Modified: ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaCode.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaCode.ftl?rev=1335047&r1=1335046&r2=1335047&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaCode.ftl (original)
+++ ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaCode.ftl Mon May  7 14:46:07 2012
@@ -17,6 +17,6 @@ specific language governing permissions 
 under the License.
 -->
 
-<#assign idkey = Static["org.ofbiz.common.Captcha"].ID_KEY>
+<#assign idkey = requestAttributes.ID_KEY?if_exists>
 
 <input  type="hidden" value="${idkey?if_exists}" name="captchaCode"/>
\ No newline at end of file

Modified: ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaImage.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaImage.ftl?rev=1335047&r1=1335046&r2=1335047&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaImage.ftl (original)
+++ ofbiz/trunk/specialpurpose/myportal/widget/reloadCaptchaImage.ftl Mon May  7 14:46:07 2012
@@ -19,6 +19,6 @@ under the License.
 
 <#-- For add Captcha Capture -->
 <#assign fileName = Static["org.ofbiz.common.Captcha"].getCodeCaptcha(request,response)>
-<#assign fileName = Static["org.ofbiz.common.Captcha"].CAPTCHA_FILE_NAME>
+<#assign fileName = requestAttributes.captchaFileName?if_exists>
 
 <img  src="<@o...@ofbizContentUrl>" alt="" />