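import java.io.*;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

/**
 * Example file uploader servlet (testing environment was Resin).
 *
 * <p>Reads two request parameters: {@code file}, used as the path of the
 * uploaded data on the local file system, and {@code file.filename}, the
 * client-supplied name. The data is copied to {@code /tmp/<sanitized name>}
 * and the servlet answers {@code done}.
 *
 * <p>The copy is done in-process with {@link Files#copy} instead of building a
 * {@code cp} command line from request data. No external command is run, so
 * request values are never tokenized into command arguments.
 */
public class uploader extends HttpServlet {

    /** Directory that receives uploaded files. */
    private static final Path UPLOAD_DIR = Paths.get("/tmp");

    /** Name used when the client-supplied name is empty after sanitizing. */
    private static final String FALLBACK_NAME = "a.dat";

    /** Handles GET by delegating to {@link #handle}. */
    @Override
    public void doGet(HttpServletRequest req, HttpServletResponse res)
            throws ServletException, IOException {
        handle(req, res);
    }

    /** Handles POST by delegating to {@link #handle}. */
    @Override
    public void doPost(HttpServletRequest req, HttpServletResponse res)
            throws ServletException, IOException {
        handle(req, res);
    }

    /**
     * Copies the uploaded file into the upload directory under a sanitized name.
     *
     * @param req request carrying the {@code file} and {@code file.filename} parameters
     * @param res response; receives {@code done} on success, or an error status
     * @throws ServletException declared for servlet compatibility
     * @throws IOException if writing the response fails
     */
    public void handle(HttpServletRequest req, HttpServletResponse res)
            throws ServletException, IOException {
        long startMillis = System.currentTimeMillis();

        // Both values are request parameters and therefore untrusted input.
        String localFilePath = req.getParameter("file");
        String filename = req.getParameter("file.filename");
        if (localFilePath == null || localFilePath.isEmpty() || filename == null) {
            res.sendError(HttpServletResponse.SC_BAD_REQUEST, "missing upload parameters");
            return;
        }

        String safeName = sanitizeFilename(filename);

        Path source;
        Path target;
        try {
            source = Paths.get(localFilePath);
            target = UPLOAD_DIR.resolve(safeName).normalize();
        } catch (InvalidPathException e) {
            res.sendError(HttpServletResponse.SC_BAD_REQUEST, "invalid upload path");
            return;
        }

        // Defense in depth: the resolved target must be a child of UPLOAD_DIR.
        if (!target.startsWith(UPLOAD_DIR) || target.equals(UPLOAD_DIR)) {
            res.sendError(HttpServletResponse.SC_BAD_REQUEST, "invalid file name");
            return;
        }

        // NOTE(review): the source path comes from a request parameter. This code
        // presumably relies on the container replacing "file" with the path of its
        // own temporary upload file; confirm that a client cannot supply the value
        // directly, and restrict `source` to the container's upload directory.
        if (!Files.isRegularFile(source)) {
            res.sendError(HttpServletResponse.SC_BAD_REQUEST, "upload not found");
            return;
        }

        try {
            // REPLACE_EXISTING overwrites like `cp`; when the existing target is a
            // symbolic link, the link itself is replaced rather than followed.
            Files.copy(source, target, StandardCopyOption.REPLACE_EXISTING);
        } catch (IOException e) {
            // Log only the sanitized name and exception type: the exception message
            // can echo the raw request-supplied path.
            System.err.println("uploader: copy failed for " + safeName
                    + " (" + e.getClass().getName() + ")");
            res.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "upload failed");
            return;
        }

        PrintWriter out = res.getWriter();
        out.println("done");
        out.flush();
        out.close();

        long servletRunTime = System.currentTimeMillis() - startMillis;
        System.err.println("uploader: uploaded "
                + safeName + " - servletRunTime=" + servletRunTime + "\n");
    }

    /**
     * Reduces a client-supplied file name to a single safe path component.
     *
     * <p>Keeps only the text after the last {@code /}, {@code \}, {@code &},
     * {@code ;} or ISO control character (including CR and LF), so the result
     * cannot name another directory or break a log line. Empty results,
     * {@code .} and {@code ..} are replaced by the fallback name.
     *
     * @param raw file name as sent by the client, not {@code null}
     * @return a non-empty name without path separators or control characters
     */
    private static String sanitizeFilename(String raw) {
        int cut = -1;
        for (int i = 0; i < raw.length(); i++) {
            char c = raw.charAt(i);
            if (c == '/' || c == '\\' || c == '&' || c == ';' || Character.isISOControl(c)) {
                cut = i;
            }
        }
        String name = raw.substring(cut + 1);
        if (name.isEmpty() || name.equals(".") || name.equals("..")) {
            return FALLBACK_NAME;
        }
        return name;
    }
}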