package com.gdxsoft.web.http;

import com.gdxsoft.easyweb.data.DTTable;
import com.gdxsoft.easyweb.script.RequestValue;
import com.gdxsoft.easyweb.utils.UPath;
import com.gdxsoft.web.acl.Login;
import java.io.File;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/gdxsoft/web/http/HttpOaSysAttView.class */
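/**
 * Serves an attachment recorded in the {@code sys_atts} table.
 *
 * <p>The row is selected by the {@code file_id} and/or {@code File_UnId} request parameters,
 * optionally in another database/schema named by the {@code db} request parameter. Rows whose
 * {@code file_para1} is not {@code COM_YES} are only served to a logged-in supplier whose id
 * equals the row's {@code sup_id}.
 *
 * <p>Security-relevant points of this handler:
 * <ul>
 *   <li>{@code db} is concatenated into the SQL text, so it is checked against an allow-list of
 *       identifier characters rather than a deny-list of quote and space.</li>
 *   <li>A request without any row selector is rejected; otherwise the query would match the
 *       whole table and row 0 would be served.</li>
 *   <li>The stored {@code file_path} is confined to the upload root before the file is read.</li>
 * </ul>
 */
public class HttpOaSysAttView extends HttpFileViewBase implements IHttp {
    private static final Logger LOGGER = LoggerFactory.getLogger(HttpOaSysAttView.class);

    /**
     * @param str value handed to {@code setPdfJs} of the base class
     */
    public HttpOaSysAttView(String str) {
        super.setPdfJs(str);
    }

    /**
     * Looks up the attachment row, enforces the access rule and hands the file to
     * {@code handleFile} of the base class.
     *
     * @param httpServletRequest  the current request; parameters are read through {@link RequestValue}
     * @param httpServletResponse the current response; its character encoding is set to utf-8
     * @return the value produced by {@code handleFile}, or one of the base-class messages when the
     *         record or file is missing or the caller is not allowed to see it
     * @throws Exception if parameter initialisation or the database lookup fails
     */
    @Override // com.gdxsoft.web.http.IHttp
    public String response(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        httpServletResponse.setCharacterEncoding("utf-8");
        RequestValue requestValue = new RequestValue(httpServletRequest);
        super.setRequest(httpServletRequest);
        super.setResponse(httpServletResponse);
        super.setRv(requestValue);
        super.initParameters();

        StringBuilder sql = new StringBuilder();
        String db = requestValue.s("db");
        if (db == null || db.trim().length() <= 0) {
            sql.append("SELECT * from sys_atts WHERE 1=1 \n");
        } else {
            // The qualifier becomes part of the SQL text and cannot be bound as a parameter.
            // Rejecting only "'" and " " still lets tabs, line breaks, comment markers,
            // parentheses and semicolons through, so accept identifier characters only.
            if (!isSafeDbQualifier(db)) {
                httpServletResponse.setStatus(404);
                return "ha ha ha";
            }
            sql.append("SELECT * from " + db + ". sys_atts WHERE 1=1 \n");
        }

        boolean hasFileId = StringUtils.isNotBlank(requestValue.s("file_id"));
        boolean hasFileUnid = StringUtils.isNotBlank(requestValue.s("File_UnId"));
        if (!hasFileId && !hasFileUnid) {
            // Without a selector the statement has no effective WHERE clause: it would read the
            // whole table and serve whatever row comes back first.
            return HttpFileViewBase.msgRecordNotExists(super.isEn(), super.isSkipHeader());
        }
        if (hasFileId) {
            sql.append(" AND file_id = @file_id ");
        }
        if (hasFileUnid) {
            sql.append(" AND file_UNID = @File_UnId");
        }

        DTTable jdbcTable = DTTable.getJdbcTable(sql.toString(), "", requestValue);
        if (jdbcTable.getCount() == 0) {
            return HttpFileViewBase.msgRecordNotExists(super.isEn(), super.isSkipHeader());
        }

        // Rows not flagged COM_YES require a logged-in supplier that owns the row.
        if (!"COM_YES".equalsIgnoreCase(jdbcTable.getCell(0, "file_para1").toString())) {
            if (!Login.isSupplyLogined(requestValue)) {
                return HttpFileViewBase.msgNeedLogin(super.isEn(), super.isSkipHeader());
            }
            int loginSupId = Login.getLoginedSupId(requestValue).intValue();
            int ownerSupId = jdbcTable.getCell(0, "sup_id").toInt().intValue();
            if (loginSupId != ownerSupId) {
                return HttpFileViewBase.msgNoRightWithSup(super.isEn(), super.isSkipHeader());
            }
        }

        String storedPath = jdbcTable.getCell(0, "file_path").toString();
        String fileExt = jdbcTable.getCell(0, "file_ext").toString();
        if (fileExt == null) {
            fileExt = "bin";
        }
        String fileName = jdbcTable.getCell(0, "file_name").toString();
        if (!fileName.toLowerCase().endsWith("." + fileExt.toLowerCase())) {
            fileName = fileName + "." + fileExt;
        }

        String uploadRoot = UPath.getPATH_UPLOAD();
        File file = new File(uploadRoot + storedPath.replace(UPath.getPATH_UPLOAD_URL(), "").replace("//", "/"));
        // file_path is data, not configuration: a stored value containing ".." must not resolve
        // outside the upload root. The comparison is lexical (normalize), so symlinks inside the
        // upload directory keep working.
        // NOTE(review): assumes the upload root plus the stored path forms a path below the root
        // (i.e. the root ends with a separator or the stored path starts with one) - confirm.
        boolean insideUploadRoot = file.toPath().toAbsolutePath().normalize()
                .startsWith(new File(uploadRoot).toPath().toAbsolutePath().normalize());
        if (!insideUploadRoot) {
            LOGGER.warn("sys_atts file_path resolves outside the upload root, file_id={}",
                    jdbcTable.getCell(0, "file_id").toString());
            return HttpFileViewBase.msgPhyFileNotExists(super.isEn(), super.isSkipHeader());
        }
        if (!file.exists()) {
            return HttpFileViewBase.msgPhyFileNotExists(super.isEn(), super.isSkipHeader());
        }
        try {
            return super.handleFile(file, fileExt, fileName, true, "W/sysatts" + jdbcTable.getCell(0, "file_id").toString());
        } catch (Exception e) {
            // Pass the throwable so the stack trace is kept; getMessage() alone may even be null.
            LOGGER.error("Failed to serve sys_atts attachment", e);
            // NOTE(review): the exception text is returned to the client and may disclose
            // server-side paths; a fixed message would be safer if no caller displays this text.
            return e.getLocalizedMessage();
        }
    }

    /**
     * Tells whether a database/schema qualifier can be spliced into SQL text.
     *
     * <p>Only ASCII letters, digits, underscore and dot are accepted. Quotes, whitespace,
     * comment markers, parentheses and statement separators are therefore all rejected.
     *
     * @param qualifier the raw {@code db} request parameter
     * @return {@code true} when the value is non-empty and made of allowed characters only
     */
    private static boolean isSafeDbQualifier(String qualifier) {
        if (qualifier == null || qualifier.isEmpty()) {
            return false;
        }
        for (int i = 0; i < qualifier.length(); i++) {
            char c = qualifier.charAt(i);
            boolean allowed = (c >= 'a' && c <= 'z')
                    || (c >= 'A' && c <= 'Z')
                    || (c >= '0' && c <= '9')
                    || c == '_'
                    || c == '.';
            if (!allowed) {
                return false;
            }
        }
        return true;
    }
}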
