package demo;
import java.io.File;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.junit.Test;
import com.aspose.words.Document;
import com.aspose.words.FontSettings;
import com.aspose.words.License;
public class Demo {
public static void main(String[] args) {
String str = "../information/../../../../../../../../../../etc/passwd%00.jpg";
System.out.println(str.indexOf("../"));
}
public static boolean doc2pdf(String inpath, String outpath) {
boolean flag = false;
if (checkLicense()) {
try {
FontSettings.getDefaultInstance().setFontsFolder("C:\\Windows\\Fonts", true);
File file = new File(outpath);
FileOutputStream os = new FileOutputStream(file);
Document doc = new Document(inpath);
doc.save(os, 40);
} catch (Exception var5) {
var5.printStackTrace();
}
flag = true;
}
return flag;
}
public static boolean checkLicense() {
boolean result = false;
try {
InputStream is = Demo.class.getClassLoader().getResourceAsStream("license.xml");
License aposeLic = new License();
aposeLic.setLicense(is);
result = true;
} catch (Exception var3) {
var3.printStackTrace();
}
return result;
}
public static boolean containsSqlInjection(Object obj){
Pattern pattern= Pattern.compile("\\b(and|exec|insert|select|drop|grant|alter|delete|update|count|chr|mid|master|truncate|char|declare|or)\\b|(\\*|;|\\+|'|%)");
Matcher matcher=pattern.matcher(obj.toString().toLowerCase());
return matcher.find();
}
@Test
public void testContainsSqlInjection(){
boolean b1=containsSqlInjection("and nm=1");
boolean b2=containsSqlInjection("niamsh delete from ");
boolean b3=containsSqlInjection("stand");
boolean b4=containsSqlInjection("and");
boolean b5=containsSqlInjection("niasdm%asjdj");
}
}
浙公网安备 33010602011771号