• SQL防止注入


    package demo;
    
    import static org.junit.Assert.assertFalse;
    import static org.junit.Assert.assertTrue;

    import java.io.File;
    import java.io.FileOutputStream;
    import java.io.InputStream;
    import java.util.Locale;
    import java.util.regex.Matcher;
    import java.util.regex.Pattern;

    import org.junit.Test;

    import com.aspose.words.Document;
    import com.aspose.words.FontSettings;
    import com.aspose.words.License;
    
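    public class Demo {

        /**
         * Keyword / metacharacter blocklist used by {@link #containsSqlInjection(Object)}.
         * Compiled once instead of on every call. Note the doubled backslashes: in a Java
         * string {@code "\b"} is a backspace character, so the regex word boundary must be
         * written {@code "\\b"} (and {@code \\*}, {@code \\+} are not valid single escapes at all).
         */
        private static final Pattern SQL_INJECTION_PATTERN = Pattern.compile(
                "\\b(and|exec|insert|select|drop|grant|alter|delete|update|count|chr|mid|master|truncate|char|declare|or)\\b"
                        + "|(\\*|;|\\+|'|%)");

        /**
         * Demo entry point: prints the index of the first {@code "../"} in a traversal-looking
         * sample path. A substring search only shows that the sequence is present; it is not a
         * path check — resolve and normalize against an allowed base directory instead.
         */
        public static void main(String[] args) {
            String str = "../information/../../../../../../../../../../etc/passwd%00.jpg";
            System.out.println(str.indexOf("../"));
        }

        /**
         * Converts the document at {@code inpath} to PDF at {@code outpath} using Aspose.Words.
         *
         * <p>Neither path is validated here; a caller that takes them from untrusted input must
         * confine them to an allowed directory before calling.
         *
         * @param inpath  path of the source document
         * @param outpath path of the PDF to write (created or overwritten)
         * @return {@code true} only if the license was accepted and the conversion completed;
         *         a failed conversion now returns {@code false} instead of {@code true}
         */
        public static boolean doc2pdf(String inpath, String outpath) {
            if (!checkLicense()) {
                return false;
            }
            // try-with-resources closes the output stream on every path (the original leaked it).
            try (FileOutputStream os = new FileOutputStream(new File(outpath))) {
                // Windows-only font folder, as in the original; doubled backslashes are required
                // in a Java string literal.
                FontSettings.getDefaultInstance().setFontsFolder("C:\\Windows\\Fonts", true);
                Document doc = new Document(inpath);
                // 40 is the Aspose save-format code the original passed for PDF; prefer the named
                // SaveFormat constant if the project's Aspose version provides it.
                doc.save(os, 40);
                return true;
            } catch (Exception e) {
                // Aspose's API throws checked Exception; report and signal failure to the caller.
                e.printStackTrace();
                return false;
            }
        }

        /**
         * Loads the Aspose license from the {@code license.xml} classpath resource.
         *
         * @return {@code true} if the resource was found and accepted by Aspose, {@code false}
         *         if it is missing or rejected
         */
        public static boolean checkLicense() {
            // A null resource is permitted in try-with-resources (close is skipped).
            try (InputStream is = Demo.class.getClassLoader().getResourceAsStream("license.xml")) {
                if (is == null) {
                    // The original passed null straight to setLicense; fail explicitly instead.
                    System.err.println("license.xml not found on the classpath");
                    return false;
                }
                new License().setLicense(is);
                return true;
            } catch (Exception e) {
                e.printStackTrace();
                return false;
            }
        }

        /**
         * Returns whether {@code obj}'s string form, lower-cased, contains one of the listed SQL
         * keywords on word boundaries or one of the characters {@code * ; + ' %}.
         *
         * <p>This is a heuristic blocklist, not a defense: it rejects legitimate values (any
         * {@code %}, the plain words "and"/"or") and is no substitute for parameterized queries
         * ({@code PreparedStatement}). Use it at most as an additional signal.
         *
         * @param obj value to inspect; {@code null} yields {@code false} (the original threw NPE)
         * @return {@code true} if the pattern matches anywhere in the string form
         */
        public static boolean containsSqlInjection(Object obj) {
            if (obj == null) {
                return false;
            }
            // Locale.ROOT keeps the lower-casing independent of the JVM default locale.
            Matcher matcher = SQL_INJECTION_PATTERN.matcher(obj.toString().toLowerCase(Locale.ROOT));
            return matcher.find();
        }

        /** Pins the blocklist's behaviour on the inputs the original only evaluated and discarded. */
        @Test
        public void testContainsSqlInjection() {
            assertTrue(containsSqlInjection("and nm=1"));
            assertTrue(containsSqlInjection("niamsh delete from "));
            assertFalse(containsSqlInjection("stand"));   // "and" inside a word is not on a boundary
            assertTrue(containsSqlInjection("and"));
            assertTrue(containsSqlInjection("niasdm%asjdj"));
            assertFalse(containsSqlInjection(null));
        }

    }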
  • 原文地址:https://www.cnblogs.com/sjzxs/p/15531958.html