How to integrate a Jsp file to ColdFusion?

0
votes

I have created a web page using ColdFusion. In that cfm file I have the following tag for redirection:

<a href="pingdirect.jsp?Directory=#insdirs.ID_Directory#&Qlid=#inc_Requestor#">Grant

This is my Pingdirect.jsp file:

String param=request.getParameter("Directory");                   
String qid=request.getParameter("Qlid");           
try {
    String command1="Runas /user:"+param+" /grant "+qid+":(OI)(CI)(M,RX,W)\"";
    Runtime rt = Runtime.getRuntime();
    Process p=rt.exec("cmd /c start" +command1);
} catch(Exception e) {
    System.out.println(e);
}

My problem is that when I click "grant", it redirects the page to pingdirect.jsp. But it does not open the command prompt.

Can anyone please guide me?

2
jspcoldfusion
Not directly related to your question, but your code is taking input from a user and executing it without validating the input. If I request Pingdirect.jsp?Directory=administrator%40del%20c:\ then bad things could happen - barnyr
That directory and qid values will be taken from the database. Thats are all rest of my coding part.. Here i have just shown the redirection line only.. - Manikandan
Where are you expecting to see the CMD prompt? - Adrian Lynch

2 Answers

0
votes

I'd start by looking at the parameters that are trying to be passed through...

Remembering in jsp there can appear to be no difference between GET and POST variables where as in ColdFusion these exist in the URL and FORM scope respectively.

Where do insdirs.ID_Directory and inc_Requestor come from and is it possible that they are being not set or set incorrectly.

If you manually navigate to the pingdirect.jsp?Directory=[expected value]&Qlid=[expected value] page what happens (and what values are needed in the query string (the url parameters)?

I'd suggest that you keep variable names that are passed by query all in one case (so make Directory directory and Qlid qlid).

If you can manually get there and the parameters are being passed through correctly it's probably time to start debugging the jsp page line by line.

Ben

0
votes

You could try replacing getParameter with getAttribute;

String param=request.getAttribute("Directory");                   
String qid=request.getAttribute("Qlid");

and, additionally, verify that the attributes actually exist;

if ((param == null) || (qid == null)) 
{
// MZ: Handle the exception here
}