Source code: org/scoja/server/expr/SecureFunction.java
1
2 package org.scoja.server.expr;
3
4 import java.io.File;
5
6 import org.scoja.server.core.QStr;
7 import org.scoja.server.core.EventContext;
8
9 /**
10 * Makes a String secure to be used as part of a file name.
11 * Put an underline (<code>_</code>) instead of end of lines,
12 * {@link File#separatorChar} or {@link File#pathSeparatorChar}.
13 */
14 public class SecureFunction extends String2StringFunction {
15
16 public SecureFunction(final StringExpression subexpr) {
17 super(subexpr);
18 }
19
20 public QStr eval(final EventContext env) {
21 final QStr qarg1 = super.eval(env);
22 if (qarg1.isFilenameSecure()) return qarg1;
23
24 final String secured = secure(qarg1.unqualified());
25 final int qualities
26 = (qarg1.qualities() & ~QStr.ISNT_FILENAME_SECURE)
27 | QStr.IS_FILENAME_SECURE;
28 return new QStr(secured, qualities);
29 }
30
31 public static String secure(final String unsecure) {
32 System.err.println("SECURITING: " + unsecure);
33 final char[] secure = new char[unsecure.length()];
34 for (int i = 0; i < secure.length; i++) {
35 final char c = unsecure.charAt(i);
36 if (c == File.separatorChar
37 || c == File.pathSeparatorChar
38 || c == '\n' || c == '\r') {
39 secure[i] = '_';
40 } else {
41 secure[i] = c;
42 }
43 }
44 return new String(secure);
45 }
46 }