/* PLACE THIS CODE IN THE APPLET: import java.net.URLConnection; import java.net.URL; import java.io.BufferedOutputStream; import java.io.BufferedInputStream; private void saveFile (byte[] bytes, String file_name) { try { URL url = new URL ( getDocumentBase (), "path.to.servlet" + "?file_name=" + file_name ); URLConnection url_c = url.openConnection(); url_c.setDoOutput (true); url_c.setDoInput (true); url_c.setUseCaches (false); url_c.setDefaultUseCaches(false); url_c.setRequestProperty("Content-Type", "application/octet-stream"); BufferedOutputStream bos = new BufferedOutputStream(url_c.getOutputStream()); bos.write (bytes); bos.flush(); bos.close(); BufferedInputStream bis = new BufferedInputStream (url_c.getInputStream()); byte buf [] = new byte[1024]; String msg = ""; for (int i = 0; i > -1; i = bis.read(buf)) msg += new String(buf, 0, i); bis.close(); System.out.println(msg); } catch (Throwable t) { System.out.println(t.toString()); } } */ import java.io.IOException; import java.io.PrintStream; import java.io.FileOutputStream; import java.io.InputStream; import java.io.OutputStream; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpSession; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class save2disk extends HttpServlet { private final String aok_message = "file saved on network!", nok_message = "file not saved: parameters wrong", base_directory = "the.folder.to.save.the.file.in"; private String user; /* private void doLogin ( HttpServletRequest request, user, pass ) { if (user.equals ("username) && pass.equals ("secretpassword")) { HttpSession session = request.getSession (true); session.setAttribute ("logon.isDone", (Object) user); // deprecated: session.putValue ("logon.isDone", user); } } ¨ */ // this one assumes some sort of logon procedure like the one above: private boolean isLoggedIn ( HttpServletRequest request ) { HttpSession session = request.getSession (true); String check_user = (String) session.getAttribute ("logon.isDone"); if (check_user == null) { return false; } else { user = check_user; return true; } } // to remove funny characters from the input - we don't want anybody // stepping out of the base directory private String strip (String str) { if (str != null) { str = str.substring (str.lastIndexOf ("\\") + 1); str = str.substring (str.lastIndexOf ("/") + 1); } return str; } public void service ( HttpServletRequest request, HttpServletResponse response ) throws ServletException, IOException { String file_name = strip (getFormParam (request, "file_name")); if ( isLoggedIn ( request) && copy ( request.getInputStream(), base_directory + "/" + user + "/" + file_name ) ) reply ( response, "message from " + getServletConfig().getServletContext().getServerInfo() + ":\n" + aok_message ); else reply ( response, "message from " + getServletConfig().getServletContext().getServerInfo() + ":\n" + nok_message ); } private boolean copy ( InputStream is, String new_file ) { try { FileOutputStream fos = new FileOutputStream ( new_file ); int count; int counter = 0; int max = 25; // setting a 100 k max size on the file byte [] buf = new byte [4096]; while ((count = is.read(buf, 0, buf.length)) != -1 && counter++ < max) fos.write (buf, 0, count); fos.flush(); fos.close(); is.close(); return true; } catch (Throwable t) { return false; } } private void reply ( HttpServletResponse response, String msg ) throws IOException { response.setContentType("text/html"); PrintStream ps = new PrintStream ( response.getOutputStream() ); ps.print (msg); ps.flush(); ps.close(); } private String getFormParam ( HttpServletRequest request, String name ) { String str = request.getParameter (name); return (str != null) ? str : new String (); } }