package cn.easyproject.easyfilter.filter;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:cn/easyproject/easyfilter/filter/EasyFilter.class */
public class EasyFilter implements Filter {
    public String charset;
    private List<Pattern> excludeKeywordRegex = new ArrayList();
    private List<Pattern> excludeKeywordURIRegex = new ArrayList();
    private List<String> sqlFilterList = new ArrayList();
    private Set<Pattern> includeSqlInjectRegexSet = new HashSet();
    private boolean keywordFilterFlag = false;
    private boolean sqlFilterFlag = false;
    private static Map<String, String> keywordFilterMap = new HashMap();
    private static Map<String, String> sqlInjectFilterMap = new HashMap();

    public void init(FilterConfig filterConfig) throws ServletException {
        this.charset = filterConfig.getInitParameter("charset");
        this.charset = this.charset != null ? this.charset.trim() : "utf-8";
        InputStream resourceAsStream = EasyFilter.class.getResourceAsStream("/easyFilter.xml");
        boolean z = true;
        if (resourceAsStream == null) {
            z = false;
            resourceAsStream = EasyFilter.class.getResourceAsStream("/easyFilter.properties");
            if (resourceAsStream == null) {
                EasyFilter.class.getResourceAsStream("/easyFilter-failsafe.properties");
            }
        }
        Properties properties = new Properties();
        if (z) {
            try {
                Document parse = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(resourceAsStream);
                NodeList elementsByTagName = parse.getDocumentElement().getElementsByTagName("keywordFilter");
                NodeList elementsByTagName2 = parse.getDocumentElement().getElementsByTagName("sqlFilter");
                if (elementsByTagName.getLength() > 0) {
                    NodeList childNodes = elementsByTagName.item(0).getChildNodes();
                    if (childNodes.getLength() > 0) {
                        for (int i = 0; i < childNodes.getLength(); i++) {
                            Node item = childNodes.item(i);
                            if (item.getNodeName().equals("filter")) {
                                properties.put("keywordFilter", item.getTextContent().trim());
                            } else if (item.getNodeName().equals("defaultReplace")) {
                                properties.put("defaultReplace", item.getTextContent().trim());
                            } else if (item.getNodeName().equals("replaceList")) {
                                NodeList elementsByTagName3 = ((Element) item).getElementsByTagName("replace");
                                if (elementsByTagName3.getLength() > 0) {
                                    for (int i2 = 0; i2 < elementsByTagName3.getLength(); i2++) {
                                        NamedNodeMap attributes = elementsByTagName3.item(i2).getAttributes();
                                        if (attributes.getNamedItem("replace") != null) {
                                            properties.put(attributes.getNamedItem("keyword").getNodeValue().trim(), attributes.getNamedItem("replace").getNodeValue().trim());
                                        } else {
                                            properties.put(attributes.getNamedItem("keyword").getNodeValue().trim(), "");
                                        }
                                    }
                                }
                            } else if (item.getNodeName().equals("excludeParameters")) {
                                NodeList elementsByTagName4 = ((Element) item).getElementsByTagName("keyword");
                                if (elementsByTagName4.getLength() > 0) {
                                    StringBuilder sb = new StringBuilder();
                                    for (int i3 = 0; i3 < elementsByTagName4.getLength(); i3++) {
                                        String trim = elementsByTagName4.item(i3).getTextContent().trim();
                                        if (trim.startsWith("##")) {
                                            trim = trim.substring(1);
                                        }
                                        sb.append(trim);
                                        if (!sb.toString().endsWith("##")) {
                                            sb.append("##");
                                        }
                                    }
                                    properties.put("excludeKeywordFilterParameters", sb.toString());
                                }
                            } else if (item.getNodeName().equals("excludeURI")) {
                                NodeList elementsByTagName5 = ((Element) item).getElementsByTagName("uri");
                                if (elementsByTagName5.getLength() > 0) {
                                    StringBuilder sb2 = new StringBuilder();
                                    for (int i4 = 0; i4 < elementsByTagName5.getLength(); i4++) {
                                        String trim2 = elementsByTagName5.item(i4).getTextContent().trim();
                                        if (trim2.startsWith("##")) {
                                            trim2 = trim2.substring(1);
                                        }
                                        sb2.append(trim2);
                                        if (!sb2.toString().endsWith("##")) {
                                            sb2.append("##");
                                        }
                                    }
                                    properties.put("excludeKeywordFilterURI", sb2.toString());
                                }
                            }
                        }
                    }
                }
                if (elementsByTagName2.getLength() > 0) {
                    NodeList childNodes2 = elementsByTagName2.item(0).getChildNodes();
                    if (childNodes2.getLength() > 0) {
                        for (int i5 = 0; i5 < childNodes2.getLength(); i5++) {
                            Node item2 = childNodes2.item(i5);
                            if (item2.getNodeName().equals("filter")) {
                                properties.put("sqlInjectFilter", item2.getTextContent().trim());
                            } else if (item2.getNodeName().equals("injectFilterList")) {
                                NodeList elementsByTagName6 = ((Element) item2).getElementsByTagName("value");
                                StringBuilder sb3 = new StringBuilder();
                                if (elementsByTagName6.getLength() > 0) {
                                    for (int i6 = 0; i6 < elementsByTagName6.getLength(); i6++) {
                                        String trim3 = elementsByTagName6.item(i6).getTextContent().trim();
                                        if (trim3.startsWith("##")) {
                                            trim3 = trim3.substring(1);
                                        }
                                        sb3.append(trim3);
                                        if (!sb3.toString().endsWith("##")) {
                                            sb3.append("##");
                                        }
                                    }
                                }
                                properties.put("sqlInjectFilterList", sb3.toString());
                            } else if (item2.getNodeName().equals("includeParameters")) {
                                NodeList elementsByTagName7 = ((Element) item2).getElementsByTagName("value");
                                StringBuilder sb4 = new StringBuilder();
                                if (elementsByTagName7.getLength() > 0) {
                                    for (int i7 = 0; i7 < elementsByTagName7.getLength(); i7++) {
                                        String trim4 = elementsByTagName7.item(i7).getTextContent().trim();
                                        if (trim4.startsWith("##")) {
                                            trim4 = trim4.substring(1);
                                        }
                                        sb4.append(trim4);
                                        if (!sb4.toString().endsWith("##")) {
                                            sb4.append("##");
                                        }
                                    }
                                }
                                properties.put("includeSqlInjectFilterParameters", sb4.toString());
                            }
                        }
                    }
                }
            } catch (IOException e) {
                e.printStackTrace();
            } catch (ParserConfigurationException e2) {
                e2.printStackTrace();
            } catch (SAXException e3) {
                e3.printStackTrace();
            }
        } else {
            try {
                properties.load(resourceAsStream);
            } catch (Exception e4) {
                try {
                    properties.load(EasyFilter.class.getResourceAsStream("/easyFilter-failsafe.properties"));
                } catch (IOException e5) {
                    e5.printStackTrace();
                }
            }
        }
        try {
            String property = properties.getProperty("keywordFilter");
            String trim5 = property != null ? property.trim() : "off";
            String property2 = properties.getProperty("sqlInjectFilter");
            String trim6 = property2 != null ? property2.trim() : "off";
            String property3 = properties.getProperty("sqlInjectFilterList");
            String trim7 = property3 != null ? property3.trim() : "";
            if (!trim7.equals("")) {
                for (String str : trim7.split("##")) {
                    sqlInjectFilterMap.put(str, "");
                }
            }
            if (trim6.equalsIgnoreCase("on")) {
                this.sqlFilterFlag = true;
                String property4 = properties.getProperty("includeSqlInjectFilterParameters");
                String trim8 = property4 != null ? property4.trim() : "";
                if (!trim7.equals("")) {
                    for (String str2 : trim7.split("##")) {
                        this.sqlFilterList.add(str2);
                    }
                }
                if (!trim8.equals("")) {
                    for (String str3 : trim8.split("##")) {
                        this.includeSqlInjectRegexSet.add(Pattern.compile(str3));
                    }
                }
            }
            if (trim5.equalsIgnoreCase("on")) {
                this.keywordFilterFlag = true;
            }
            String property5 = properties.getProperty("defaultReplace");
            String trim9 = property5 != null ? property5.trim() : "";
            String property6 = properties.getProperty("keywordAndReplaceList");
            String trim10 = property6 != null ? property6.trim() : "";
            String property7 = properties.getProperty("excludeKeywordFilterParameters");
            String trim11 = property7 != null ? property7.trim() : "";
            String property8 = properties.getProperty("excludeKeywordFilterURI");
            String trim12 = property8 != null ? property8.trim() : "";
            if (!trim11.equals("")) {
                for (String str4 : trim11.split("##")) {
                    this.excludeKeywordRegex.add(Pattern.compile(str4));
                }
            }
            if (!trim12.equals("")) {
                for (String str5 : trim12.split("##")) {
                    this.excludeKeywordURIRegex.add(Pattern.compile(str5));
                }
            }
            if (!trim10.equals("")) {
                for (String str6 : trim10.split("##")) {
                    String trim13 = str6.trim();
                    if (trim13.length() > 0) {
                        String[] split = trim13.split(",");
                        if (split.length > 1) {
                            keywordFilterMap.put(split[0].trim(), split[1].trim());
                        } else {
                            keywordFilterMap.put(split[0].trim(), trim9);
                        }
                    }
                }
            }
            properties.remove("keywordFilter");
            properties.remove("defaultReplace");
            properties.remove("keywordAndReplaceList");
            properties.remove("excludeKeywordFilterParameters");
            properties.remove("excludeKeywordFilterURI");
            properties.remove("sqlInjectFilter");
            properties.remove("sqlInjectFilterList");
            properties.remove("includeSqlInjectFilterParameters");
            for (Map.Entry entry : properties.entrySet()) {
                keywordFilterMap.put(entry.getKey().toString(), entry.getValue().toString());
            }
        } catch (Exception e6) {
            e6.printStackTrace();
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        httpServletRequest.setCharacterEncoding(this.charset);
        if (filterURI(httpServletRequest)) {
            if (this.sqlFilterFlag && this.keywordFilterFlag) {
                filterParameter(httpServletRequest);
            } else {
                if (this.sqlFilterFlag) {
                    filterSQLParameter(httpServletRequest);
                }
                if (this.keywordFilterFlag) {
                    filterKeywordsParameter(httpServletRequest);
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private boolean filterURI(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        Iterator<Pattern> it = this.excludeKeywordURIRegex.iterator();
        while (it.hasNext()) {
            if (it.next().matcher(requestURI).matches()) {
                return false;
            }
        }
        return true;
    }

    /* JADX WARN: Removed duplicated region for block: B:26:0x00cf  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void filterParameter(javax.servlet.http.HttpServletRequest r5) {
        /*
            Method dump skipped, instructions count: 360
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: cn.easyproject.easyfilter.filter.EasyFilter.filterParameter(javax.servlet.http.HttpServletRequest):void");
    }

    private void filterSQLParameter(HttpServletRequest httpServletRequest) {
        for (Map.Entry entry : httpServletRequest.getParameterMap().entrySet()) {
            Iterator<Pattern> it = this.includeSqlInjectRegexSet.iterator();
            while (it.hasNext()) {
                if (it.next().matcher((CharSequence) entry.getKey()).matches()) {
                    String[] strArr = (String[]) entry.getValue();
                    for (int i = 0; i < strArr.length; i++) {
                        String str = strArr[i];
                        Iterator<String> it2 = this.sqlFilterList.iterator();
                        while (it2.hasNext()) {
                            str = str.replace(it2.next(), "");
                        }
                        strArr[i] = str;
                    }
                }
            }
        }
    }

    private void filterKeywordsParameter(HttpServletRequest httpServletRequest) {
        for (Map.Entry entry : httpServletRequest.getParameterMap().entrySet()) {
            boolean z = false;
            Iterator<Pattern> it = this.excludeKeywordRegex.iterator();
            while (true) {
                if (it.hasNext()) {
                    if (it.next().matcher((CharSequence) entry.getKey()).matches()) {
                        z = true;
                        break;
                    }
                } else {
                    break;
                }
            }
            if (!z) {
                String[] strArr = (String[]) entry.getValue();
                for (int i = 0; i < strArr.length; i++) {
                    String str = strArr[i];
                    for (Map.Entry<String, String> entry2 : keywordFilterMap.entrySet()) {
                        str = str.replace(entry2.getKey(), entry2.getValue());
                    }
                    strArr[i] = str;
                }
            }
        }
    }

    public void destroy() {
    }

    public static void filterKeyWord(Object obj, String[] strArr) {
        EasyObjectFilter.filter(obj, keywordFilterMap, strArr);
    }

    public static void filterSQLInject(Object obj, String[] strArr) {
        EasyObjectFilter.filter(obj, sqlInjectFilterMap, strArr);
    }

    public static void filterKeyWord(Object obj) {
        EasyObjectFilter.filter(obj, keywordFilterMap);
    }

    public static void filterSQLInject(Object obj) {
        EasyObjectFilter.filter(obj, sqlInjectFilterMap);
    }
}
