From e49eb5e433767386a09732f5942b6425098b511b Mon Sep 17 00:00:00 2001
From: emusic <emina.music@egiz.gv.at>
Date: Wed, 21 Mar 2018 13:06:24 +0100
Subject: changes regarding protection, bug fix, thread safe

---
 .../gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java   | 13 ++++++++++---
 .../at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java    | 11 +++++++++++
 2 files changed, 21 insertions(+), 3 deletions(-)

(limited to 'pdf-as-web')

diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
index 8a58d364..29b7eb21 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
@@ -71,8 +71,10 @@ public class PdfAsParameterExtractor {
 	public static final String PARAM_PREPROCESSOR_PREFIX = "pp:";
 	public static final String PARAM_OVERWRITE_PREFIX = "ov:";
 	public static final String PARAM_QRCODE_CONTENT = "qrcontent";
-	
-	
+	public static final String PARAM_PLACEHOLDERID = "placeholder_id";
+
+
+
 	public static String getConnector(HttpServletRequest request) {
 		String connector = (String)request.getAttribute(PARAM_CONNECTOR);
 		if(connector != null) {
@@ -85,7 +87,12 @@ public class PdfAsParameterExtractor {
 		String qrcodeContent = (String)request.getAttribute(PARAM_QRCODE_CONTENT);
 		return qrcodeContent;
 	}
-	
+
+	public static String getPlaceholderId(HttpServletRequest request) {
+		String placeholderId = (String)request.getAttribute(PARAM_PLACEHOLDERID);
+		return placeholderId;
+	}
+
 	public static String getTransactionId(HttpServletRequest request) {
 		String transactionId = (String)request.getAttribute(PARAM_TRANSACTION_ID);
 		return transactionId;
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
index 4ec8021d..07fb7d65 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
@@ -171,6 +171,9 @@ public class ExternSignServlet extends HttpServlet {
 		try {
 			byte[] filecontent = null;
 
+
+
+
 			// checks if the request actually contains upload file
 			if (!ServletFileUpload.isMultipartContent(request)) {
 				// No Uploaded data!
@@ -181,6 +184,12 @@ public class ExternSignServlet extends HttpServlet {
 					throw new PdfAsWebException("No Signature data defined!");
 				}
 			} else {
+
+
+				//takes placeholder id if exist
+				//if(request.getParameter("placeholder_id")!=null && !request.getParameter("placeholder_id").isEmpty()){
+				//	String placeholder_id = request.getParameter("placeholder_id");
+				//}
 				// configures upload settings
 				DiskFileItemFactory factory = new DiskFileItemFactory();
 				factory.setSizeThreshold(WebConfiguration.getFilesizeThreshold());
@@ -335,6 +344,8 @@ public class ExternSignServlet extends HttpServlet {
 		
 		String locale = PdfAsParameterExtractor.getLocale(request);
 		PdfAsHelper.setLocale(request, response, locale);
+
+		String placeholder_id = PdfAsParameterExtractor.getPlaceholderId(request);
 		
 		String filename = PdfAsParameterExtractor.getFilename(request);
 		if(filename != null) {
-- 
cgit v1.2.3