Java -- springboot 配置 ckfinder

欧阳俊明
2023-12-01

1、配置 jar 依赖

<!--CKFinder start-->
<dependency>
	<groupId>com.ckfinder</groupId>
	<artifactId>CKFinder</artifactId>
	<version>2.6.2.1</version>
	<scope>system</scope>
	<systemPath>${project.basedir}/src/main/resources/lib/CKFinder-2.6.2.1.jar</systemPath>
</dependency>
<dependency>
	<groupId>com.ckfinder</groupId>
	<artifactId>CKFinderPlugin-FileEditor</artifactId>
	<version>2.6.2.1</version>
	<scope>system</scope>
	<systemPath>${project.basedir}/src/main/resources/lib/CKFinderPlugin-FileEditor-2.6.2.1.jar</systemPath>
</dependency>
<dependency>
	<groupId>com.ckfinder</groupId>
	<artifactId>CKFinderPlugin-ImageResize</artifactId>
	<version>2.6.2.1</version>
	<scope>system</scope>
	<systemPath>${project.basedir}/src/main/resources/lib/CKFinderPlugin-ImageResize-2.6.2.1.jar</systemPath>
</dependency>
<dependency>
	<groupId>com.ckfinder</groupId>
	<artifactId>CKFinderPlugin-Watermark</artifactId>
	<version>2.6.2.1</version>
	<scope>system</scope>
	<systemPath>${project.basedir}/src/main/resources/lib/CKFinderPlugin-Watermark-2.6.2.1.jar</systemPath>
</dependency>
<dependency>
	<groupId>net.coobird</groupId>
	<artifactId>thumbnailator</artifactId>
	<version>0.4.8</version>
</dependency>
<dependency>
	<groupId>commons-fileupload</groupId>
	<artifactId>commons-fileupload</artifactId>
	<version>1.2.2</version>
</dependency>
<dependency>
	<groupId>commons-io</groupId>
	<artifactId>commons-io</artifactId>
	<version>2.0.1</version>
</dependency>
<!--CKFinder end-->

2、resources 下创建 lib 目录,放入依赖 jar 包

3、resources 下创建 static 目录,放入 ckfinder 静态资源

4、resources 下创建 ckfinder.xml 文件

<?xml version="1.0" encoding="UTF-8"?>
<config>
	<!--
	CKFinder : Configuration File - Basic Instructions
	
	In a generic usage case, the following tasks must be done to configure CKFinder:
	1. Check the baseDir and baseUrl options;
	2. If available, paste your license key in the "licenseKey" setting;
	3. Enable CKFinder using the "enabled" setting.

	WARNING : DO NOT simply set "enabled" to "true" on a production site. By doing so, you 
	are allowing "anyone" to upload and list the files in your server. You must implement
	some kind of session validation.
	http://docs.cksource.com/CKFinder_2.x/Developers_Guide/Java/Configuration/Extending
	-->
	<enabled>true</enabled>
	<!--
	Configure the location of uploaded files. See the following article for more details:
	http://docs.cksource.com/CKFinder_2.x/Developers_Guide/Java/Configuration/baseURL_and_baseDir
	-->
	<baseDir>f:\\ftp\\</baseDir>
	<baseURL>http://localhost:8081/demo/public/images/</baseURL>
	<licenseKey></licenseKey>
	<licenseName></licenseName>
	<!--
	Set the maximum size of uploaded images. If an uploaded image is larger, it
	gets scaled down proportionally. Set to 0 to disable this feature.
	-->
	<imgWidth>1600</imgWidth>
	<imgHeight>1200</imgHeight>
	<imgQuality>80</imgQuality>
	<!--
	See the following article for more details:
	http://docs.cksource.com/CKFinder_2.x/Developers_Guide/Java/Configuration/URI_Encoding
	-->
	<uriEncoding>UTF-8</uriEncoding>
	<!--
	ResourceType : defines the "resource types" handled in CKFinder. A resource
	type is nothing more than a way to group files under different paths, each one
	having different configuration settings.

	Each resource type name must be unique.

	When loading CKFinder, the "type" querystring parameter can be used to display
	a specific type only. If "type" is omitted in the URL, the
	"DefaultResourceTypes" settings is used (may contain the resource type names
	separated by a comma). If left empty, all types are loaded.

	maxSize is defined in bytes, but shorthand notation may be also used.
	Available options are: G, M, K (case insensitive).
	1M equals 1048576 bytes (one Megabyte), 1K equals 1024 bytes (one Kilobyte), 1G equals one Gigabyte.
	Example: 'maxSize' => "8M",

	==============================================================================
	ATTENTION: Flash files with `swf' extension, just like HTML files, can be used 
	to execute JavaScript code and to e.g. perform an XSS attack. Grant permission 
	to upload `.swf` files only if you understand and can accept this risk.
	==============================================================================
	-->
	<defaultResourceTypes></defaultResourceTypes>
	<types>
		<type name="Files">
			<url>%BASE_URL%files/</url>
			<directory>%BASE_DIR%files</directory>
			<maxSize>0</maxSize>
			<allowedExtensions>7z,aiff,asf,avi,bmp,csv,doc,docx,fla,flv,gif,gz,gzip,jpeg,jpg,mid,mov,mp3,mp4,mpc,mpeg,mpg,ods,odt,pdf,png,ppt,pptx,pxd,qt,ram,rar,rm,rmi,rmvb,rtf,sdc,sitd,swf,sxc,sxw,tar,tgz,tif,tiff,txt,vsd,wav,wma,wmv,xls,xlsx,zip
			</allowedExtensions>
			<deniedExtensions></deniedExtensions>
		</type>
		<type name="Images">
			<url>%BASE_URL%images/</url>
			<directory>%BASE_DIR%images</directory>
			<maxSize>0</maxSize>
			<allowedExtensions>bmp,gif,jpeg,jpg,png</allowedExtensions>
			<deniedExtensions></deniedExtensions>
		</type>
		<type name="Flash">
			<url>%BASE_URL%flash/</url>
			<directory>%BASE_DIR%flash</directory>
			<maxSize>0</maxSize>
			<allowedExtensions>swf,flv</allowedExtensions>
			<deniedExtensions></deniedExtensions>
		</type>
	</types>
	<!--
	The session variable name that CKFinder must use to retrieve
	the "role" of the current user. The "role", can be used in the "accessControls"
	settings (bellow).
	-->
	<userRoleSessionVar>CKFinder_UserRole</userRoleSessionVar>
	<accessControls>
		<accessControl>
			<role>*</role>
			<resourceType>*</resourceType>
			<folder>/</folder>
			<folderView>true</folderView>
			<folderCreate>true</folderCreate>
			<folderRename>true</folderRename>
			<folderDelete>true</folderDelete>
			<fileView>true</fileView>
			<fileUpload>true</fileUpload>
			<fileRename>true</fileRename>
			<fileDelete>true</fileDelete>
		</accessControl>
	</accessControls>
	<thumbs>
		<enabled>true</enabled>
		<url>%BASE_URL%_thumbs/</url>
		<directory>%BASE_DIR%_thumbs</directory>
		<directAccess>false</directAccess>
		<maxHeight>100</maxHeight>
		<maxWidth>100</maxWidth>
		<quality>80</quality>
	</thumbs>
	<!--
	Increases the security on an IIS web server.
	If enabled, CKFinder will disallow creating folders and uploading files whose names contain characters 
	that are not safe under an IIS web server.
	-->
	<disallowUnsafeCharacters>false</disallowUnsafeCharacters>
	<!--
	Due to security issues with Apache modules, it is recommended to leave the
	following setting enabled.

	How does it work? Suppose the following:

	- If "php" is on the denied extensions list, a file named foo.php cannot be
	  uploaded.
	- If "rar" (or any other) extension is allowed, one can upload a file named
	  foo.rar.
	- The file foo.php.rar has "rar" extension so, in theory, it can be also
	  uploaded.

	In some conditions Apache can treat the foo.php.rar file just like any PHP
	script and execute it.

	If CheckDoubleExtension is enabled, each part of the file name after a dot is
	checked, not only the last part. In this way, uploading foo.php.rar would be
	denied, because "php" is on the denied extensions list.
	-->
	<checkDoubleExtension>true</checkDoubleExtension>
	<!--
	Indicates that the file size (maxSize) for images must be checked only
	after scaling them. Otherwise, it is checked right after uploading.
	-->
	<checkSizeAfterScaling>true</checkSizeAfterScaling>
	<!--
	Perform additional checks for image files
	if set to true, validate image size
	-->
	<secureImageUploads>true</secureImageUploads>
	<!--
	For security, HTML is allowed in the first Kb of data for files having the
	following extensions only.
	-->
	<htmlExtensions>html,htm,xml,js</htmlExtensions>
	<!--
	Force ASCII names for files and folders. If enabled, characters with diactric 
	marks will be automatically converted to ASCII letters.
	-->
	<forceASCII>false</forceASCII>
	<!--
	Enables protection in the connector.
	The default CSRF protection mechanism is based on double submit cookies, where
	connector checks if the request contains a valid token that matches the token
	sent in the cookie
	https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet#Double_Submit_Cookies
	-->
	<enableCsrfProtection>true</enableCsrfProtection>
	<!--
	Folders to not display in CKFinder, no matter their location.
	No paths are accepted, only the folder name.
	The * and ? wildcards are accepted.
	".*" disallows the creation of folders starting with a dot character.
	-->
	<hideFolders>
		<folder>.*</folder>
		<folder>CVS</folder>
	</hideFolders>
	<!--
	Files to not display/upload in CKFinder, no matter their location.
	No paths are accepted, only the file name, including extension.
	The * and ? wildcards are accepted.
	-->
	<hideFiles>
		<file>.*</file>
	</hideFiles>
	<plugins>
		<plugin>
			<name>imageresize</name>
			<class>com.ckfinder.connector.plugins.ImageResize</class>
			<params>
				<param name="smallThumb" value="90x90"></param>
				<param name="mediumThumb" value="120x120"></param>
				<param name="largeThumb" value="180x180"></param>
			</params>
		</plugin>
		<plugin>
			<name>fileeditor</name>
			<class>com.ckfinder.connector.plugins.FileEditor</class>
			<params></params>
		</plugin>
		<!-- Before enabling the watermark plugin make sure to specify path to source image -->
		<!-- The "internal" flag informs CKFinder that watermark is a pure server side plugin -->
		<!--
		<plugin>
			<name>watermark</name>
			<class>com.ckfinder.connector.plugins.Watermark</class>
			<params>
				<param name="source" value="/path/in/servlet/context/logo.gif"></param>
				<param name="transparency" value="0.8"></param>
				<param name="quality" value="100"></param>
				<param name="marginRight" value="5"></param>
				<param name="marginBottom" value="5"></param>
			</params>
			<internal>true</internal>
		</plugin>
		-->
	</plugins>
	<basePathBuilderImpl>com.ckfinder.connector.configuration.ConfigurationPathBuilder</basePathBuilderImpl>
</config>

5、新增 CkfinderConfig 类

package com.sample.common.config;

import com.ckfinder.connector.configuration.Configuration;
import com.ckfinder.connector.configuration.Events;
import com.ckfinder.connector.errors.ConnectorException;
import com.ckfinder.connector.utils.PathUtils;
import org.springframework.core.io.DefaultResourceLoader;
import org.springframework.core.io.Resource;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

import javax.servlet.ServletConfig;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.util.Scanner;

public class CKFinderConfig extends Configuration {

    public CKFinderConfig(ServletConfig servletConfig) {
        super(servletConfig);
    }

    public void init() throws Exception {
        DefaultResourceLoader loader = new DefaultResourceLoader();
        Resource resource = loader.getResource(this.xmlFilePath);
        Class<?> clazz = getClass().getSuperclass();
        Field field = clazz.getDeclaredField("lastCfgModificationDate");
        Method method = clazz.getDeclaredMethod("clearConfiguration");
        method.setAccessible(true);
        method.invoke(this);
        field.setAccessible(true);
        field.set(this, System.currentTimeMillis());
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        DocumentBuilder db = dbf.newDocumentBuilder();
        Document doc = db.parse(resource.getInputStream());
        doc.normalize();
        Node node = doc.getFirstChild();
        if (node != null) {
            NodeList nodeList = node.getChildNodes();

            for (int i = 0; i < nodeList.getLength(); ++i) {
                Node childNode = nodeList.item(i);
                if (childNode.getNodeName().equals("enabled"))
                    this.enabled = Boolean.valueOf(childNode.getTextContent().trim()).booleanValue();

                if (childNode.getNodeName().equals("baseDir")) {
                    this.baseDir = childNode.getTextContent().trim();
                    this.baseDir = PathUtils.escape(this.baseDir);
                    this.baseDir = PathUtils.addSlashToEnd(this.baseDir);
                }
                if (childNode.getNodeName().equals("baseURL")) {
                    this.baseURL = childNode.getTextContent().trim();
                    this.baseURL = PathUtils.escape(this.baseURL);
                    this.baseURL = PathUtils.addSlashToEnd(this.baseURL);
                }
                if (childNode.getNodeName().equals("licenseName"))
                    this.licenseName = childNode.getTextContent().trim();
                if (childNode.getNodeName().equals("licenseKey"))
                    this.licenseKey = childNode.getTextContent().trim();
                String value;
                if (childNode.getNodeName().equals("imgWidth")) {
                    value = childNode.getTextContent().trim();
                    value = value.replaceAll("//D", "");

                    try {
                        this.imgWidth = Integer.valueOf(value);
                    } catch (NumberFormatException var13) {
                        this.imgWidth = null;
                    }
                }
                if (childNode.getNodeName().equals("imgQuality")) {
                    value = childNode.getTextContent().trim();
                    value = value.replaceAll("//D", "");
                    method = clazz.getDeclaredMethod("adjustQuality", new Class[]{String.class});
                    method.setAccessible(true);
                    this.imgQuality = Float.parseFloat(method.invoke(this, value).toString());
                }
                if (childNode.getNodeName().equals("imgHeight")) {
                    value = childNode.getTextContent().trim();
                    value = value.replaceAll("//D", "");
                    try {
                        this.imgHeight = Integer.valueOf(value);
                    } catch (NumberFormatException var12) {
                        this.imgHeight = null;
                    }
                }
                if (childNode.getNodeName().equals("thumbs")) {
                    method = clazz.getDeclaredMethod("setThumbs", new Class[]{NodeList.class});
                    method.setAccessible(true);
                    method.invoke(this, childNode.getChildNodes());
                }
                if (childNode.getNodeName().equals("accessControls")) {
                    method = clazz.getDeclaredMethod("setACLs", new Class[]{NodeList.class});
                    method.setAccessible(true);
                    method.invoke(this, childNode.getChildNodes());
                }
                if (childNode.getNodeName().equals("hideFolders")) {
                    method = clazz.getDeclaredMethod("setHiddenFolders", new Class[]{NodeList.class});
                    method.setAccessible(true);
                    method.invoke(this, childNode.getChildNodes());
                }
                if (childNode.getNodeName().equals("hideFiles")) {
                    method = clazz.getDeclaredMethod("setHiddenFiles", new Class[]{NodeList.class});
                    method.setAccessible(true);
                    method.invoke(this, childNode.getChildNodes());
                }
                if (childNode.getNodeName().equals("checkDoubleExtension"))
                    this.doubleExtensions = Boolean.valueOf(childNode.getTextContent().trim()).booleanValue();
                if (childNode.getNodeName().equals("disallowUnsafeCharacters"))
                    this.disallowUnsafeCharacters = Boolean.valueOf(childNode.getTextContent().trim()).booleanValue();
                if (childNode.getNodeName().equals("forceASCII"))
                    this.forceASCII = Boolean.valueOf(childNode.getTextContent().trim()).booleanValue();
                if (childNode.getNodeName().equals("checkSizeAfterScaling"))
                    this.checkSizeAfterScaling = Boolean.valueOf(childNode.getTextContent().trim()).booleanValue();
                Scanner sc;
                if (childNode.getNodeName().equals("htmlExtensions")) {
                    value = childNode.getTextContent();
                    sc = (new Scanner(value)).useDelimiter(",");
                    while (sc.hasNext()) {
                        String val = sc.next();
                        if (val != null && !val.equals(""))
                            this.htmlExtensions.add(val.trim().toLowerCase());
                    }
                }
                if (childNode.getNodeName().equals("secureImageUploads"))
                    this.secureImageUploads = Boolean.valueOf(childNode.getTextContent().trim()).booleanValue();
                if (childNode.getNodeName().equals("uriEncoding"))
                    this.uriEncoding = childNode.getTextContent().trim();
                if (childNode.getNodeName().equals("userRoleSessionVar"))
                    this.userRoleSessionVar = childNode.getTextContent().trim();
                if (childNode.getNodeName().equals("defaultResourceTypes")) {
                    value = childNode.getTextContent().trim();
                    sc = (new Scanner(value)).useDelimiter(",");
                    while (sc.hasNext())
                        this.defaultResourceTypes.add(sc.next());
                }
                if (childNode.getNodeName().equals("plugins")) {
                    method = clazz.getDeclaredMethod("setPlugins", new Class[]{Node.class});
                    method.setAccessible(true);
                    method.invoke(this, childNode);

                }
                if (childNode.getNodeName().equals("basePathBuilderImpl")) {
                    method = clazz.getDeclaredMethod("setBasePathImpl", new Class[]{String.class});
                    method.setAccessible(true);
                    method.invoke(this, childNode.getTextContent().trim());
                }
            }
        }
        method = clazz.getDeclaredMethod("setTypes", new Class[]{Document.class});
        method.setAccessible(true);
        method.invoke(this, doc);
        field = clazz.getDeclaredField("events");
        field.setAccessible(true);
        field.set(this, new Events());
        this.registerEventHandlers();
    }

    @Override
    public boolean checkIfReloadConfig() throws ConnectorException {
        return false;
    }
}

6、新增 Webservlet 类

package com.sample.common.servlet;

import com.ckfinder.connector.ConnectorServlet;

import javax.servlet.annotation.WebInitParam;
import javax.servlet.annotation.WebServlet;

@WebServlet(urlPatterns = "/ckfinder/core/connector/java/connector.java", initParams = {
        @WebInitParam(name = "XMLConfig", value = "classpath:ckfinder.xml"),
        @WebInitParam(name = "debug", value = "false"),
        @WebInitParam(name = "configuration", value = "com.sample.common.config.CKFinderConfig")
})
public class ImageBrowseServlet extends ConnectorServlet {
}

7、调用页面

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Ckfinder</title>
</head>
<body>
    <input type="text" class="form-control" id="url" >
    <input type="submit" id="add" class="btn btn-default" onclick="BrowseServer()" value="选择图片">
</body>

<script type="text/javascript" src="${request.contextPath}/ckfinder/ckfinder.js"></script>
<script>
    function BrowseServer()
    {
        var finder = new CKFinder() ;
        finder.basePath = '${request.contextPath}/ckfinder/ckfinder.html';  //导入CKFinder的路径
        finder.selectActionFunction = SetFileField; //设置文件被选中时的函数
        // finder.selectActionData = inputId;  //接收地址的input ID
        finder.popup() ;
    }

    //文件选中时执行
    function SetFileField(fileUrl,data)
    {
        document.getElementById("url").value = fileUrl ;
    }

</script>
</html>

 

 类似资料: