
修复xss漏洞

laowo 4 anos atrás
pai
commit
3336449144
100 arquivos alterados com 1746 adições e 673 exclusões
  1. BIN
      WebRoot/WEB-INF/lib/standard.jar
  2. BIN
      WebRoot/WEB-INF/lib/struts2-core-2.3.24.1.jar
  3. 1 0
      WebRoot/WEB-INF/spring-servlet.xml
  4. 4 1
      WebRoot/err/404.jsp
  5. 50 45
      WebRoot/index_QrCode.jsp
  6. 3 0
      WebRoot/opt/admin/index.jsp
  7. 3 0
      WebRoot/opt/admin/version.jsp
  8. 3 0
      WebRoot/opt/area/index.jsp
  9. 3 0
      WebRoot/opt/area/version.jsp
  10. 3 0
      WebRoot/opt/building/index.jsp
  11. 3 0
      WebRoot/opt/building/version.jsp
  12. 3 0
      WebRoot/opt/company/index.jsp
  13. 3 0
      WebRoot/opt/company/version.jsp
  14. 3 0
      WebRoot/opt/inspectionrecord/index.jsp
  15. 3 0
      WebRoot/opt/inspectors/index.jsp
  16. 3 0
      WebRoot/opt/outcrypackage/index.jsp
  17. 3 0
      WebRoot/opt/outcrypackage/version.jsp
  18. 16 1
      WebRoot/opt/patrolplan/index.jsp
  19. 3 0
      WebRoot/opt/patrolpoint/index.jsp
  20. 3 0
      WebRoot/opt/point/index.jsp
  21. 30 27
      WebRoot/opt/point/version.jsp
  22. 3 0
      WebRoot/opt/qrcodeanalysis/index.jsp
  23. 3 0
      WebRoot/opt/route/index.jsp
  24. 3 0
      WebRoot/opt/unit/index.jsp
  25. 3 0
      WebRoot/opt/unit/version.jsp
  26. 3 0
      WebRoot/opt/unitmodel/index.jsp
  27. 3 0
      WebRoot/opt/unitmodel/version.jsp
  28. 3 0
      WebRoot/view/checkrecord/index.jsp
  29. 3 0
      WebRoot/view/checkrecord2/index.jsp
  30. 45 30
      WebRoot/view/companyxx/index.jsp
  31. 16 1
      WebRoot/view/czjl/index.jsp
  32. 16 1
      WebRoot/view/dataSearch/fireIndex.jsp
  33. 16 1
      WebRoot/view/dataSearch/index.jsp
  34. 16 1
      WebRoot/view/dataSearch/rtuIndex.jsp
  35. 16 1
      WebRoot/view/efireAlarm/eFireDeviceIndex.jsp
  36. 53 38
      WebRoot/view/efireAlarm/subeFireAlarm.jsp
  37. 56 36
      WebRoot/view/efireAlarm/subeFireDevice.jsp
  38. 3 0
      WebRoot/view/efireAnalysis/index.jsp
  39. 45 30
      WebRoot/view/fireAlarm/FireDeviceIndex.jsp
  40. 54 38
      WebRoot/view/fireAlarm/index.jsp
  41. 13 0
      WebRoot/view/fireAlarm/subFireAlarm.jsp
  42. 16 1
      WebRoot/view/fireAlarm/subFireDevice.jsp
  43. 16 1
      WebRoot/view/fireAlarm/window.jsp
  44. 55 38
      WebRoot/view/frontpage/company.jsp
  45. 3 0
      WebRoot/view/frontpage/index.jsp
  46. 247 207
      WebRoot/view/frontpage/map.jsp
  47. 48 30
      WebRoot/view/frontpage/query.jsp
  48. 25 1
      WebRoot/view/index.jsp
  49. 16 1
      WebRoot/view/inspectionrecord/index.jsp
  50. 18 1
      WebRoot/view/inspectors/index.jsp
  51. 53 38
      WebRoot/view/liftAlarm/index.jsp
  52. 45 30
      WebRoot/view/liftAlarm/liftDeviceindex.jsp
  53. 16 1
      WebRoot/view/liftAlarm/subliftAlarm.jsp
  54. 16 1
      WebRoot/view/liftAlarm/subliftDevice.jsp
  55. 3 0
      WebRoot/view/mainframe.jsp
  56. 16 1
      WebRoot/view/maintenance/index.jsp
  57. 18 1
      WebRoot/view/maintenanceperson/index.jsp
  58. 16 1
      WebRoot/view/maintenanceplan/index.jsp
  59. 16 1
      WebRoot/view/maintenancerecord/index.jsp
  60. 3 0
      WebRoot/view/patrolAnalysis/index.jsp
  61. 3 0
      WebRoot/view/patrolAnalysis2/index.jsp
  62. 16 1
      WebRoot/view/patrolplan/index.jsp
  63. 16 1
      WebRoot/view/patrolpoint/index.jsp
  64. 18 1
      WebRoot/view/proform/index.jsp
  65. 18 1
      WebRoot/view/proform2/index.jsp
  66. 18 1
      WebRoot/view/proform3/index.jsp
  67. 18 1
      WebRoot/view/proform4/index.jsp
  68. 18 1
      WebRoot/view/proform5/index.jsp
  69. 3 0
      WebRoot/view/projectWoker/index.jsp
  70. 3 0
      WebRoot/view/pzb/index.jsp
  71. 18 1
      WebRoot/view/qrcodeanalysis/index.jsp
  72. 18 1
      WebRoot/view/qrcodeanalysis2/index.jsp
  73. 16 1
      WebRoot/view/route/index.jsp
  74. 16 1
      WebRoot/view/route2/index.jsp
  75. 16 1
      WebRoot/view/rtuAlarm/RtuDeviceIndex.jsp
  76. 53 38
      WebRoot/view/rtuAlarm/index.jsp
  77. 16 1
      WebRoot/view/rtuAlarm/subRtuAlarm.jsp
  78. 16 1
      WebRoot/view/rtuAlarm/subRtuDevice.jsp
  79. 16 1
      WebRoot/view/rtuAlarm/window.jsp
  80. 3 0
      WebRoot/view/springhandle/index.jsp
  81. 28 1
      WebRoot/view/test.jsp
  82. 16 1
      WebRoot/view/videoAlarm/VideoDeviceIndex.jsp
  83. 16 1
      WebRoot/view/videoAlarm/index.jsp
  84. 16 1
      WebRoot/view/videoAlarm/subVideoAlarm.jsp
  85. 16 1
      WebRoot/view/videoAlarm/subVideoDevice.jsp
  86. 16 1
      WebRoot/view/videoAlarm/window.jsp
  87. 16 1
      WebRoot/view/videoCam/index.jsp
  88. 3 0
      WebRoot/view/videoTest/index.jsp
  89. 16 1
      WebRoot/view/waterAlarm/WaterDeviceIndex.jsp
  90. 16 1
      WebRoot/view/waterAlarm/index.jsp
  91. 16 1
      WebRoot/view/waterAlarm/subWaterAlarm.jsp
  92. 16 1
      WebRoot/view/waterAlarm/subWaterBattery.jsp
  93. 16 1
      WebRoot/view/waterAlarm/subWaterDevice.jsp
  94. 16 1
      WebRoot/view/waterAlarm/subWaterSignal.jsp
  95. 17 1
      WebRoot/view/waterAlarm/window.jsp
  96. 3 0
      WebRoot/view/waterAnalysis/index.jsp
  97. 16 1
      WebRoot/view/xhxx/index.jsp
  98. 4 0
      src/cn/com/usky/iot/controller/AdminController.java
  99. 1 0
      src/cn/com/usky/iot/controller/AlarmViewController.java
  100. 1 0
      src/cn/com/usky/iot/controller/AnalysisViewController.java

BIN
WebRoot/WEB-INF/lib/standard.jar


BIN
WebRoot/WEB-INF/lib/struts2-core-2.3.24.1.jar


+ 1 - 0
WebRoot/WEB-INF/spring-servlet.xml

@@ -1388,4 +1388,5 @@
 
     </bean>
 
+
 </beans>

+ 4 - 1
WebRoot/err/404.jsp

@@ -24,8 +24,11 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme =null;
+		}
     }else
-    	theme = "";
+    	theme = null;
 
     %>
 <!DOCTYPE html>
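Review bot: Setting `theme` to null for an unrecognised value (the new `else { theme =null; }` and the changed `theme = null;`) keeps request text out of the page, but a JSP expression prints a null String as the literal text `null`, so any later `<%=theme %>` renders `value="null"`. That output is outside this hunk in 404.jsp, but it is visible in opt/point/version.jsp and view/companyxx/index.jsp. Since `css_name` already falls back to `ext-all-access.css`, assigning the matching known value, `theme = "access";`, would presumably keep the hidden field and the stylesheet in agreement. The same `else` block is repeated in the other theme hunks of this commit (the opt/*/index.jsp, opt/*/version.jsp and view/* pages), so the remark applies to all of them. The scriptlet starts above the hunk.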

+ 50 - 45
WebRoot/index_QrCode.jsp

@@ -22,7 +22,7 @@
     <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
     <title>智慧消防管理平台</title>
     <style type="">
-        #code img{
+        #code img {
             margin: 0 auto;
             padding-top: 24px;
         }
@@ -36,24 +36,30 @@
                 <p>
                     <img src="res/img/login_title.png" alt="">
                 </p>
-<%--                <p>--%>
-<%--                    <span>用户名</span>--%>
-<%--                    <input type="text" placeholder="请输入用户名" id="username" name="username" autocomplete="off">--%>
-<%--                </p>--%>
-<%--                <p>--%>
-<%--                    <span>密 码</span>--%>
-<%--                    <input type="password" placeholder="请输入密码" id="password" name="password" autocomplete="off">--%>
-<%--                </p>--%>
-<%--                <p style="display:flex">--%>
-<%--                    <span>验证码</span>--%>
-<%--                    <input id="userCaptcha" name="userCaptcha" type="text" maxlength="4" class="inputs"   placeholder="请输入验证码" autocomplete="off"/>--%>
-<%--                    <img id="kaptchaImage" src="./login/getCheckNumber" width="130" height="37" style="border: 1px solid rgba(255, 255, 255, 0.1); border-radius: 5px; " onclick="change();">--%>
-<%--                </p>--%>
-<%--                <p id="btn-submit" onclick="loginSubmit()">--%>
-<%--                    登 录--%>
-<%--                </p>--%>
+
+
+                <%--                <p>--%>
+                <%--                    <span>用户名</span>--%>
+                <%--                    <input type="text" placeholder="请输入用户名" id="username" name="username" autocomplete="off">--%>
+                <%--                </p>--%>
+                <%--                <p>--%>
+                <%--                    <span>密 码</span>--%>
+                <%--                    <input type="password" placeholder="请输入密码" id="password" name="password" autocomplete="off">--%>
+                <%--                </p>--%>
+                <%--                <p style="display:flex">--%>
+                <%--                    <span>验证码</span>--%>
+                <%--                    <input id="userCaptcha" name="userCaptcha" type="text" maxlength="4" class="inputs"   placeholder="请输入验证码" autocomplete="off"/>--%>
+                <%--                    <img id="kaptchaImage" src="./login/getCheckNumber" width="130" height="37" style="border: 1px solid rgba(255, 255, 255, 0.1); border-radius: 5px; " onclick="change();">--%>
+                <%--                </p>--%>
+                <%--                <p id="btn-submit" onclick="loginSubmit()">--%>
+                <%--                    登 录--%>
+                <%--                </p>--%>
                 <div id="code" class="code" style="width: 100%;height: 230px;"></div>
-<%--                <iframe src="QrCode.html" style="border: 0px;width: 100%;height: 230px;"></iframe>--%>
+                <span>
+                    <p>使用永天智慧云智慧消防公众号“扫一扫”完成登录</p>
+                </span>
+                <%--                <iframe src="QrCode.html" style="border: 0px;width: 100%;height: 230px;"></iframe>--%>
+
             </div>
         </div>
     </div>
@@ -110,59 +116,58 @@
     });
 
     var uuid;
-    const URL = document.location.protocol+"//"+window.location.host;
+    const URL = document.location.protocol + "//" + window.location.host;
+
     function createUniqueString() {
         const timestamp = +new Date() + ''
         const randomNum = parseInt((1 + Math.random()) * 65536) + ''
         return (+(randomNum + timestamp)).toString(32)
     }
 
-    function newCode(str){
+    function newCode(str) {
         var qrcode = new QRCode(document.getElementById("code"), {
             id: 'er_image',
-            width : 200,
-            height : 200
+            width: 200,
+            height: 200
         });
         qrcode.makeCode(str);
     }
 
     var wsUri = "wss://qhome.usky.cn/wss/";
     var websocket = null;
-    var initWebSocket = function() {
-        try{
+    var initWebSocket = function () {
+        try {
             websocket = new WebSocket(wsUri);
-            websocket.onopen = function()
-            {
+            websocket.onopen = function () {
                 var json = {};
                 json.actfrom = "loginpage";
                 json.action = "query_ercode";
                 websocket.send(JSON.stringify(json));
-                setInterval(function(){
-                    if(websocket != null)
+                setInterval(function () {
+                    if (websocket != null)
                         websocket.send(JSON.stringify(json));
-                },30000)
+                }, 30000)
 
             };
 
-            websocket.onmessage = function (evt)
-            {
-                console.log("Received:",evt.data);
-                var jData =  eval('(' + evt.data + ')');
-                if (jData.action=="query_ercode"){
+            websocket.onmessage = function (evt) {
+                console.log("Received:", evt.data);
+                var jData = eval('(' + evt.data + ')');
+                if (jData.action == "query_ercode") {
                     document.getElementById("code").innerHTML = "";
                     var evm_loing = jData.value;
-                    newCode(""+evm_loing);
+                    newCode("" + evm_loing);
                     document.getElementById("code").title = '';
-                }else if (jData.action=="loginphone"){
+                } else if (jData.action == "loginphone") {
                     var action = jData.action;
                     var phonenumber = jData.phonenumber;
                     // document.getElementById("action").value='';
                     // document.getElementById("phonenumber").value='';
                     // document.getElementById("action").value=action;
                     // document.getElementById("phonenumber").value=phonenumber;
-                    setTimeout(()=>{
+                    setTimeout(() => {
                         location.href = URL + "/YtIoT/view/mainframe.jsp"
-                    },1000)
+                    }, 1000)
 
 
                     // alert("ceshi");
@@ -170,23 +175,23 @@
                 }
             };
 
-            websocket.onclose = function()
-            {
+            websocket.onclose = function () {
                 // 关闭 websocket
                 console.log('连接已关闭...');
                 // alert("连接已关闭...");
             };
 
 
-        }catch(exception){
-            console.log("Exception:",exception);
-            (function(){})()
+        } catch (exception) {
+            console.log("Exception:", exception);
+            (function () {
+            })()
         }
     }
 
     // $(document).ready(function(){
-        // $("#login_ok").hide();
-        initWebSocket();
+    // $("#login_ok").hide();
+    initWebSocket();
     // });
 
 </script>
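Review bot: The `onmessage` handler still runs `eval('(' + evt.data + ')')` on whatever arrives over the WebSocket; this commit only re-spaces that line, so a change meant to close XSS keeps a sink that executes message text as script. Parsing instead of evaluating removes it: `var jData = JSON.parse(evt.data);`, wrapped in a try/catch that discards malformed frames. The `console.log("Received:", evt.data)` line above it writes every frame to the browser console, including the `loginphone` message that carries `phonenumber`, and is worth dropping. The handler's body spans the gap between the second and third hunks, so part of it is not shown.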

+ 3 - 0
WebRoot/opt/admin/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/admin/version.jsp

@@ -26,6 +26,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/area/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/area/version.jsp

@@ -26,6 +26,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/building/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/building/version.jsp

@@ -26,6 +26,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/company/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/company/version.jsp

@@ -26,6 +26,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/inspectionrecord/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/inspectors/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/outcrypackage/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/outcrypackage/version.jsp

@@ -26,6 +26,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 16 - 1
WebRoot/opt/patrolplan/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>
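Review bot: `myRegex(company_code)` is called with null whenever the request has no `company_code` parameter, because the guard above it, `if(company_code=="null")`, compares references against a string literal and does not catch the null that `request.getParameter` returns. `pattern.matcher(null)` then throws a NullPointerException, so the page fails with an error instead of falling back to an empty code. Guarding the call fixes it: `if (company_code == null || !myRegex(company_code)) {`. The same pairing appears in view/companyxx/index.jsp, view/czjl/index.jsp and the three view/dataSearch pages; view/efireAlarm/eFireDeviceIndex.jsp already tests `company_code==null` and is not affected. The scriptlet continues between the hunks, so lines that might reassign `company_code` are not visible.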

+ 3 - 0
WebRoot/opt/patrolpoint/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/point/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 30 - 27
WebRoot/opt/point/version.jsp

@@ -1,43 +1,46 @@
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String pointId = request.getParameter("pointId");
     String css_name = "ext-all-access.css";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
     }
 %>
 <!DOCTYPE html>
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css?" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"opt/point/scripts/version.js?t="+t %>"></script>
-<title>监控单元记录版本</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css?" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"opt/point/scripts/version.js?t="+t %>"></script>
+    <title>监控单元记录版本</title>
 </head>
 <body>
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>
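Review bot: `pointId` is read with `request.getParameter("pointId")` and nothing in this hunk validates or encodes it, while `theme` beside it gets the new allow-list fallback. The hunk ends at the hidden `theme` input, so whether `pointId` is written into the page further down is not visible. If it is, it needs the same attention before output: a digit check like the `myRegex` helper this commit adds to other pages (assuming point ids are numeric), or HTML-attribute encoding where it is printed.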

+ 3 - 0
WebRoot/opt/qrcodeanalysis/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/route/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/unit/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/unit/version.jsp

@@ -26,6 +26,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/unitmodel/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/opt/unitmodel/version.jsp

@@ -26,6 +26,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/view/checkrecord/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 3 - 0
WebRoot/view/checkrecord2/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 45 - 30
WebRoot/view/companyxx/index.jsp

@@ -1,46 +1,61 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String company_code = request.getParameter("company_code");
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(company_code=="null")
-    	company_code="";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
+    if (company_code == "null")
+        company_code = "";
+    if (!myRegex(company_code)) {
+        company_code = "";
+    }
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    }
+%>
+<%!
+    public boolean myRegex(String str) {
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
     }
 %>
 <!DOCTYPE html>
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css?" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/companyxx/scripts/companyxx.js?" %>"></script>
-<title>单位信息管理</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css?" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/companyxx/scripts/companyxx.js?" %>"></script>
+    <title>单位信息管理</title>
 </head>
 <body>
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>
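Review bot: `myRegex` is declared in a `<%! %>` block here and copied unchanged into every other JSP that reads `company_code`; it compiles its pattern on each call, and its name does not say what it accepts. A shared static helper with a descriptive name and a precompiled pattern would keep the rule in one place, e.g. `private static final Pattern DIGITS = Pattern.compile("[0-9]*");` with `static boolean isDigits(String s) { return s != null && DIGITS.matcher(s).matches(); }`. If the declaration stays per page, a comment above it such as `// company_code must contain digits only; any other value is replaced with ""` would record the intent. Note that the pattern also accepts the empty string, and `matches()` already anchors at both ends, so `^` and `$` are redundant.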

+ 16 - 1
WebRoot/view/czjl/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 16 - 1
WebRoot/view/dataSearch/fireIndex.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
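Review bot: The two fallbacks for `theme` now disagree: an unrecognised value takes the new `else { theme=null; }` branch, while a missing parameter still takes the unchanged `}else theme = "";`. Anything later in the page that tests or prints `theme` sees null in one case and an empty string in the other. WebRoot/err/404.jsp in this same commit changes its outer `else` to null, so the divergence here looks unintended. Using one value in both branches, e.g. `theme = "";` in the new `else`, keeps the page's behaviour the same for bad and absent input. view/dataSearch/index.jsp and view/dataSearch/rtuIndex.jsp contain the identical pair.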

+ 16 - 1
WebRoot/view/dataSearch/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/dataSearch/rtuIndex.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/efireAlarm/eFireDeviceIndex.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
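Review bot: `myRegex` is pasted verbatim into each JSP, recompiles its pattern on every request and does not tolerate a null argument, so the digit-only rule can drift between pages and the null handling is left to each caller. Within the declaration block the pattern can be hoisted and the check made null-safe: `private static final Pattern DIGITS = Pattern.compile("[0-9]*");` and `return str != null && DIGITS.matcher(str).matches();` (the `^`/`$` anchors are redundant with `matches()`). A single shared helper class, or output encoding at the point where `company_code` is written into the page, would be more robust than per-page copies. A name such as `isDigitsOnly` would also say what is being validated.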

+ 53 - 38
WebRoot/view/efireAlarm/subeFireAlarm.jsp

@@ -1,53 +1,68 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String company_code = request.getParameter("company_code");
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(company_code==null)
-    	company_code="";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
-    }else
-    	theme="";
+    if (company_code == null)
+        company_code = "";
+    if (!myRegex(company_code)) {
+        company_code = "";
+    }
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    } else
+        theme = "";
+%>
+<%!
+    public boolean myRegex(String str) {
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
+    }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/efireAlarm/scripts/efireOption.js" %>"></script>
-<title>火警监控报告</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/efireAlarm/scripts/efireOption.js" %>"></script>
+    <title>火警监控报告</title>
 </head>
 <body style="overflow:hidden;">
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>
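Review bot: `basePath` and `baseUrl` are still built from `request.getServerName()` and written unescaped into every `href` and `src` attribute below, and this commit only reformats those lines. The server name is normally taken from the request's Host header, so unless the container or a front proxy pins the accepted host names (not visible here), it is request-controlled data reaching the same sinks this XSS fix is meant to protect. If the pages do not need absolute URLs, `String basePath = path + "/";` avoids the problem; otherwise the host should come from configuration. The same lines appear in the subeFireDevice.jsp, FireDeviceIndex.jsp, fireAlarm/index.jsp, frontpage/company.jsp and frontpage/map.jsp sections.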

+ 56 - 36
WebRoot/view/efireAlarm/subeFireDevice.jsp

@@ -1,52 +1,72 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String company_code = request.getParameter("company_code");
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(company_code==null)
-    	company_code="";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
+    if (company_code == null)
+        company_code = "";
+    if (!myRegex(company_code)){
+        company_code = "";
+    }
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme=null;
+
+
+
+        }
+    }
+
+%>
+
+<%!
+    public boolean myRegex (String str){
+    Pattern pattern = Pattern.compile("^[0-9]*$");
+    Matcher matcher = pattern.matcher(str);
+    return matcher.matches();
     }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/efireAlarm/scripts/efireDevice.js" %>"></script>
-<title>火警监控报告</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/efireAlarm/scripts/efireDevice.js" %>"></script>
+    <title>火警监控报告</title>
 </head>
 <body style="overflow:hidden;">
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>

+ 3 - 0
WebRoot/view/efireAnalysis/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>

+ 45 - 30
WebRoot/view/fireAlarm/FireDeviceIndex.jsp

@@ -1,46 +1,61 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String company_code = request.getParameter("company_code");
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(company_code==null)
-    	company_code="";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
+    if (company_code == null)
+        company_code = "";
+    if (!myRegex(company_code)) {
+        company_code = "";
+    }
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    }
+%>
+<%!
+    public boolean myRegex(String str) {
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
     }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/fireAlarm/scripts/fireDeviceIndex.js" %>"></script>
-<title>火警监控报告</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/fireAlarm/scripts/fireDeviceIndex.js" %>"></script>
+    <title>火警监控报告</title>
 </head>
 <body style="overflow:hidden;">
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>

+ 54 - 38
WebRoot/view/fireAlarm/index.jsp

@@ -1,53 +1,69 @@
+<%@ page import="java.util.regex.Matcher" %>
+<%@ page import="java.util.regex.Pattern" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String company_code = request.getParameter("company_code");
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(company_code=="null")
-    	company_code="";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
-    }else
-    	theme = "";
+    if (company_code == "null")
+        company_code = "";
+    if (!myRegex(company_code)) {
+        company_code = "";
+    }
+
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    } else
+        theme = "";
+%>
+<%!
+    public boolean myRegex(String str) {
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
+    }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/fireAlarm/scripts/fireOption.js" %>"></script>
-<title>火警监控报告</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/fireAlarm/scripts/fireOption.js" %>"></script>
+    <title>火警监控报告</title>
 </head>
 <body style="overflow:hidden;">
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>

+ 13 - 0
WebRoot/view/fireAlarm/subFireAlarm.jsp

@@ -11,6 +11,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +31,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme="";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
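Review bot: This section adds a `myRegex` declaration that uses `Pattern` and `Matcher`, but unlike the other files in the commit it adds no page imports. The first hunk header `@@ -11,6 +11,9 @@` shows that nothing was inserted above line 11. Unless subFireAlarm.jsp already imports `java.util.regex` in lines outside the hunks, the page will fail at JSP translation time. The top of the file should get `<%@ page import="java.util.regex.Pattern" %>` and `<%@ page import="java.util.regex.Matcher" %>`, as in the sibling pages.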

+ 16 - 1
WebRoot/view/fireAlarm/subFireDevice.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/fireAlarm/window.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme =null;
+		}
     }else
     	theme="";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 55 - 38
WebRoot/view/frontpage/company.jsp

@@ -1,53 +1,70 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String t = String.valueOf(System.currentTimeMillis());
     String company_code = request.getParameter("company_code");
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
-    }else
-    	theme = "";
+    if (company_code == null)
+        company_code = "";
+    if (!myRegex(company_code)) {
+        company_code = "";
+    }
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    } else
+        theme = "";
+%>
+<%!
+    public boolean myRegex(String str) {
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
+    }
 %>
 <!DOCTYPE html>
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name+"?t="+t %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css?t="+t %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/sunburst.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/variwide.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"view/frontpage/scripts/company.js" %>"></script>
-<title>IoT-02型消防综合监控系统</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name+"?t="+t %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css?t="+t %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/sunburst.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/variwide.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/frontpage/scripts/company.js" %>"></script>
+    <title>IoT-02型消防综合监控系统</title>
 </head>
 <body style="font-size:18pt;font-family:'微软雅黑', Microsoft YaHei; ">
 <div id="company_bg_tl" class="company_bg_tl"></div>

+ 3 - 0
WebRoot/view/frontpage/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>

+ 247 - 207
WebRoot/view/frontpage/map.jsp

@@ -1,10 +1,12 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String viewAlarmType = request.getParameter("viewAlarmType");
@@ -14,235 +16,273 @@
     String company_code = request.getParameter("company_code");
     String loginname = request.getParameter("loginname");
     String password = request.getParameter("password");
-    if(viewAlarmType==null)
-    	viewAlarmType="11110010";
-    if(pieAlarmType==null)
-    	pieAlarmType="11110010";
-    if(statusType==null)
-    	statusType="11110010";
-    if((company_code==null)||(company_code=="null"))
-    	company_code = "";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
-    }else
-    	theme = "";
+    if (viewAlarmType == null)
+        viewAlarmType = "11110010";
+    if (!myRegex(viewAlarmType)) {
+        viewAlarmType = "";
+    }
+    if (pieAlarmType == null)
+        pieAlarmType = "11110010";
+    if (!myRegex(pieAlarmType)) {
+        pieAlarmType = null;
+    }
+    if (statusType == null)
+        statusType = "11110010";
+    if (!myRegex(statusType)) {
+        statusType = null;
+    }
+    if ((company_code == null) || (company_code == "null"))
+        company_code = "";
+    if (!myRegex(company_code)) {
+        company_code = "";
+    }
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    } else
+        theme = "";
+%>
+<%!
+    public boolean myRegex(String str) {
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
+    }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<meta http-equiv="X-UA-Compatible" content="IE=edge">
-<link type="text/css" rel="stylesheet" href="https://a.amap.com/jsapi_demos/static/demo-center/css/demo-center.css" />
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name+"?t="+t %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"view/efireAnalysis/layui/css/layui.css" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.5.1.min.js" %>"></script>
-<script type="text/javascript" src="https://webapi.amap.com/maps?v=1.4.13&key=246349bf278f6225fa80156828d0f061&plugin=AMap.Geocoder,Map3D"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/sunburst.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/usky/usky.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/frontpage/scripts/map.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/efireAnalysis/layui/layui.js" %>"></script>
-<title>Insert title here</title>
- <style>
-	html, body,
-		#container {
-		  width: 100%;
-		  height: 100%;
-		}
-		.layui-layer-title {
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <link type="text/css" rel="stylesheet"
+          href="https://a.amap.com/jsapi_demos/static/demo-center/css/demo-center.css"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name+"?t="+t %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"view/efireAnalysis/layui/css/layui.css" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.5.1.min.js" %>"></script>
+    <script type="text/javascript"
+            src="https://webapi.amap.com/maps?v=1.4.13&key=246349bf278f6225fa80156828d0f061&plugin=AMap.Geocoder,Map3D"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/sunburst.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/usky/usky.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/frontpage/scripts/map.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/efireAnalysis/layui/layui.js" %>"></script>
+    <title>Insert title here</title>
+    <style>
+        html, body,
+        #container {
+            width: 100%;
+            height: 100%;
+        }
+
+        .layui-layer-title {
             background: #081A32 !important;
             color: #fff !important;
             border-bottom: 1px solid #1E9FFF !important;
         }
-        
+
         .layui-layer {
             background: #072442 !important;
             color: #fff;
         }
-        
+
         .layui-layer-ico {
             border-radius: 50%;
         }
-        
+
         .layui-layer-btn .layui-layer-btn0 {
             font-size: 0.2rem;
         }
-</style>
+    </style>
 </head>
 <body style="padding:0;margin:0;border:0px;overflow:hidden;">
 <div id="container" style="background-image:radial-gradient(circle, rgba(23,21,57,0.2), rgba(9,9,27,1.0));">
-	<!-- 
-	<div id="mask_t" class="mask_top"></div>
-	<div id="mask_b" class="mask_bottom"></div>
-	<div id="mask_l" class="mask_left"></div>
-	<div id="mask_r" class="mask_right"></div>
-	 -->
-	<div id="map_header" class="map_header"></div>
-	<div id="bar5" class="search bar5">
+    <!--
+    <div id="mask_t" class="mask_top"></div>
+    <div id="mask_b" class="mask_bottom"></div>
+    <div id="mask_l" class="mask_left"></div>
+    <div id="mask_r" class="mask_right"></div>
+     -->
+    <div id="map_header" class="map_header"></div>
+    <div id="bar5" class="search bar5">
         <!-- <form > -->
-        <table style="border:none;"  border="0" cellpadding="0" cellspacing="0"><tr style="border:none;border-collapse: collapse;">
-        <td style="border:none;border-collapse: collapse; padding:0px; margin:0px;">
-            <input id="search_company" name="search_company" type="text" placeholder="请输入单位名称..." autocomplete="off" onkeydown="key_fun(event);" ><div class="bar5_clear" onclick="clear_search();" style="cursor:pointer;"></div></td>
-         </tr></table>
+        <table style="border:none;" border="0" cellpadding="0" cellspacing="0">
+            <tr style="border:none;border-collapse: collapse;">
+                <td style="border:none;border-collapse: collapse; padding:0px; margin:0px;">
+                    <input id="search_company" name="search_company" type="text" placeholder="请输入单位名称..."
+                           autocomplete="off" onkeydown="key_fun(event);">
+                    <div class="bar5_clear" onclick="clear_search();" style="cursor:pointer;"></div>
+                </td>
+            </tr>
+        </table>
         <!-- </form> -->
     </div>
-	<div id="saerch_company_list" class= "search_company_list" style="position:absolute;top:80px;right:200px;z-index:1001;font-size:14px;"></div>
-<!--
- 	<div id="border_top_left" style="background:url(../../res/img/border-tl.png) no-repeat; width:117px; height:117px; z-index:500; position:absolute; top:20px; left:20px;"></div>
-	<div id="border_top_right" style="background:url(../../res/img/border-tr.png) no-repeat; width:117px; height:117px; z-index:500; position:absolute; top:20px; right:20px;"></div>
-	<div id="border_bottom_left" style="background:url(../../res/img/border-bl.png) no-repeat; width:117px; height:117px; z-index:500; position:absolute; bottom:20px; left:20px;"></div>
-	<div id="border_bottom_right" style="background:url(../../res/img/border-br.png) no-repeat; width:117px; height:117px; z-index:500; position:absolute; bottom:20px; right:20px;"></div>
- -->
-	<!-- <div id="data_bar_area" class="data_bar_area">
-		<div id="data_bar" style="background:url(../../res/img/icons/data_bar.png) no-repeat;width:371px;height:891px;">
-			<table id="data_bar_table" style="border:0px solid #000;position:absolute;top:55px;left:41px;width:300px;">
-				 <tr>
-					<td id="data_title_1" colspan=2 class="data_bar_title" onclick="show_all_fireAlarm()">火灾监控</td>
-					<td id="data_pie_1" rowspan=3 style="width:100px" onclick="show_all_fireAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_label_11" class="data_bar_total_label" onclick="show_all_fireAlarm()">报告总数</td>
-					<td id="data_number_11" class="data_bar_total_number" onclick="show_all_fireAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_label_12" class="data_bar_alarm_label" onclick="show_all_fireAlarm()">待处理</td>
-					<td id="data_number_12" class="data_bar_alarm_number" onclick="show_all_fireAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_title_2" colspan=2 class="data_bar_title" onclick="show_all_efireAlarm()">电气火灾监控</td>
-					<td id="data_pie_2" rowspan=3 style="width:100px" onclick="show_all_efireAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_label_21" class="data_bar_total_label" onclick="show_all_efireAlarm()">报告总数</td>
-					<td id="data_number_21" class="data_bar_total_number" onclick="show_all_efireAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_label_22" class="data_bar_alarm_label" onclick="show_all_efireAlarm()">待处理</td>
-					<td id="data_number_22" class="data_bar_alarm_number" onclick="show_all_efireAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_title_3" colspan=2 class="data_bar_title" onclick="show_all_waterAlarm()">水系统监控</td>
-					<td id="data_pie_3" rowspan=3 style="width:100px" onclick="show_all_waterAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_label_31" class="data_bar_total_label" onclick="show_all_waterAlarm()">报告总数</td>
-					<td id="data_number_31" class="data_bar_total_number" onclick="show_all_waterAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_label_32" class="data_bar_alarm_label" onclick="show_all_waterAlarm()">待处理</td>
-					<td id="data_number_32" class="data_bar_alarm_number" onclick="show_all_waterAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_title_4" colspan=2 class="data_bar_title" onclick="show_all_rtuAlarm()">RTU监控</td>
-					<td id="data_pie_4" rowspan=3 style="width:100px" onclick="show_all_rtuAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_label_41" class="data_bar_total_label" onclick="show_all_rtuAlarm()">报告总数</td>
-					<td id="data_number_41" class="data_bar_total_number" onclick="show_all_rtuAlarm()"></td>
-				</tr>
-				<tr>
-					<td id="data_label_42" class="data_bar_alarm_label" onclick="show_all_rtuAlarm()">待处理</td>
-					<td id="data_number_42" class="data_bar_alarm_number" onclick="show_all_rtuAlarm()"></td>
-				</tr>
-			</table>
-			<table id="device_bar_table" style="position:absolute;top:561px;left:41px;width:280px;">
-				<tr>
-					<td id="device_title_1" colspan=2 class="device_info_title" onclick="show_all_fireDevice()">火灾监控设备</td>
-					<td id="device_count_1" class="align_right device_info" onclick="show_all_fireDevice()">总数:<span id="device_count_num_11" class="device_confirm_num0">0</span></td>
-				</tr>
-				<tr>
-					<td id="device_confirm_11" class="device_info" onclick="show_all_fireDevice()">已处理:<span id="device_count_num_12" class="device_confirm_num1">0</span></td>
-					<td id="device_confirm_12" class="device_info" onclick="show_all_fireDevice()">待处理:<span id="device_count_num_13" class="device_confirm_num2">0</span></td>
-					<td id="device_confirm_13" class="align_right device_info" onclick="show_all_fireDevice()">处置率:<span id="device_count_num_14" class="device_confirm_num3">0%</span></td>
-				</tr>
-				<tr>
-					<td colspan=3 style="height:28px;" onclick="show_all_fireDevice()">
-					<div style="border:0px solid #000;border-radius:3px;width:280px;height:6px;background-color:rgba(255,255,255,0.1);">
-						<div id="device_confirm_14" style="border:0px solid #00a7d1;margin:0px;padding:0px;border-radius:3px;height:6px;width:280px;background-color:#00a7d1"></div>
-					</div>
-					</td>
-				</tr>
-				<tr>
-					<td id="device_title_2" colspan=2 class="device_info_title" onclick="show_all_efireDevice()">电气火灾监控设备</td>
-					<td id="device_count_2" class="align_right device_info" onclick="show_all_efireDevice()">总数:<span id="device_count_num_21" class="device_confirm_num0">0</span></td>
-				</tr>
-				<tr>
-					<td id="device_confirm_21" class="device_info" onclick="show_all_efireDevice()">已处理:<span id="device_count_num_22" class="device_confirm_num1">0</span></td>
-					<td id="device_confirm_22" class="device_info" onclick="show_all_efireDevice()">待处理:<span id="device_count_num_23" class="device_confirm_num2">0</span></td>
-					<td id="device_confirm_23" class="align_right device_info" onclick="show_all_efireDevice()">处置率:<span id="device_count_num_24" class="device_confirm_num3">0%</span></td>
-				</tr>
-				<tr>
-					<td colspan=3 style="height:28px;" onclick="show_all_efireDevice()">
-					<div style="border:0px solid #000;border-radius:3px;width:280px;height:6px;background-color:rgba(255,255,255,0.1);">
-						<div id="device_confirm_24" style="border:0px solid #00a7d1;margin:0px;padding:0px;border-radius:3px;height:6px;width:280px;background-color:#00a7d1"></div>
-					</div>
-					</td>
-				</tr>
-				<tr>
-					<td id="device_title_3" colspan=2 class="device_info_title" onclick="show_all_waterDevice()">水系统监控设备</td>
-					<td id="device_count_3" class="align_right device_info" onclick="show_all_waterDevice()">总数:<span id="device_count_num_31" class="device_confirm_num0">0</span></td>
-				</tr>
-				<tr>
-					<td id="device_confirm_31" class="device_info" onclick="show_all_waterDevice()">已处理:<span id="device_count_num_32" class="device_confirm_num1">0</span></td>
-					<td id="device_confirm_32" class="device_info" onclick="show_all_waterDevice()">待处理:<span id="device_count_num_33" class="device_confirm_num2">0</span></td>
-					<td id="device_confirm_33" class="align_right device_info" onclick="show_all_waterDevice()">处置率:<span id="device_count_num_34" class="device_confirm_num3">0%</span></td>
-				</tr>
-				<tr>
-					<td colspan=3 style="height:28px;" onclick="show_all_waterDevice()">
-					<div style="border:0px solid #000;border-radius:3px;width:280px;height:6px;background-color:rgba(255,255,255,0.1);">
-						<div id="device_confirm_34" style="border:0px solid #00a7d1;margin:0px;padding:0px;border-radius:3px;height:6px;width:280px;background-color:#00a7d1"></div>
-					</div>
-					</td>
-				</tr>
-				<tr>
-					<td id="device_title_4" colspan=2 class="device_info_title" onclick="show_all_rtuDevice()">RTU监控设备</td>
-					<td id="device_count_4" class="align_right device_info" onclick="show_all_rtuDevice()">总数:<span id="device_count_num_41" class="device_confirm_num0">0</span></td>
-				</tr>
-				<tr>
-					<td id="device_confirm_41" class="device_info" onclick="show_all_rtuDevice()">已处理:<span id="device_count_num_42" class="device_confirm_num1">0</span></td>
-					<td id="device_confirm_42" class="device_info" onclick="show_all_rtuDevice()">待处理:<span id="device_count_num_43" class="device_confirm_num2">0</span></td>
-					<td id="device_confirm_43" class="align_right device_info" onclick="show_all_rtuDevice()">处置率:<span id="device_count_num_44" class="device_confirm_num3">0%</span></td>
-				</tr>
-				<tr>
-					<td colspan=3 style="height:28px;" onclick="show_all_rtuDevice()">
-					<div style="border:0px solid #000;border-radius:3px;width:280px;height:6px;background-color:rgba(255,255,255,0.1);">
-						<div id="device_confirm_44" style="border:0px solid #00a7d1;margin:0px;padding:0px;border-radius:3px;height:6px;width:280px;background-color:#00a7d1"></div>
-					</div>
-					</td>
-				</tr>
-			</table>
-		</div>
-	</div> -->
-	<div id="map_btn_bigger" class="map_btn map_btn_bigger_off" onmouseover="bigger_mouseover();" onmouseout="bigger_mouseout();" onclick="bigger_click();"></div>
-	<div id="map_btn_smaller" class="map_btn map_btn_smaller_off" onmouseover="smaller_mouseover();" onmouseout="smaller_mouseout();" onclick="smaller_click();"></div>
-	<div id="map_btn_showlaebl" class="map_btn map_btn_showlaebl_off" onmouseover="shower_mouseover();" onmouseout="shower_mouseout();" onclick="shower_click();"></div>
-	<div id="map_btn_left" class="map_btn map_btn_left_off" onmouseover="left_mouseover();" onmouseout="left_mouseout();" onclick="left_click();"></div>
-	<div id="map_btn_right" class="map_btn map_btn_right_off" onmouseover="right_mouseover();" onmouseout="right_mouseout();" onclick="right_click();"></div>
-	<div id="map_btn_high" class="map_btn map_btn_high_off" onmouseover="higher_mouseover();" onmouseout="higher_mouseout();" onclick="higher_click();"></div>
-	<div id="map_btn_low" class="map_btn map_btn_low_off" onmouseover="lower_mouseover();" onmouseout="lower_mouseout();" onclick="lower_click();"></div>
+    <div id="saerch_company_list" class="search_company_list"
+         style="position:absolute;top:80px;right:200px;z-index:1001;font-size:14px;"></div>
+    <!--
+         <div id="border_top_left" style="background:url(../../res/img/border-tl.png) no-repeat; width:117px; height:117px; z-index:500; position:absolute; top:20px; left:20px;"></div>
+        <div id="border_top_right" style="background:url(../../res/img/border-tr.png) no-repeat; width:117px; height:117px; z-index:500; position:absolute; top:20px; right:20px;"></div>
+        <div id="border_bottom_left" style="background:url(../../res/img/border-bl.png) no-repeat; width:117px; height:117px; z-index:500; position:absolute; bottom:20px; left:20px;"></div>
+        <div id="border_bottom_right" style="background:url(../../res/img/border-br.png) no-repeat; width:117px; height:117px; z-index:500; position:absolute; bottom:20px; right:20px;"></div>
+     -->
+    <!-- <div id="data_bar_area" class="data_bar_area">
+        <div id="data_bar" style="background:url(../../res/img/icons/data_bar.png) no-repeat;width:371px;height:891px;">
+            <table id="data_bar_table" style="border:0px solid #000;position:absolute;top:55px;left:41px;width:300px;">
+                 <tr>
+                    <td id="data_title_1" colspan=2 class="data_bar_title" onclick="show_all_fireAlarm()">火灾监控</td>
+                    <td id="data_pie_1" rowspan=3 style="width:100px" onclick="show_all_fireAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_label_11" class="data_bar_total_label" onclick="show_all_fireAlarm()">报告总数</td>
+                    <td id="data_number_11" class="data_bar_total_number" onclick="show_all_fireAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_label_12" class="data_bar_alarm_label" onclick="show_all_fireAlarm()">待处理</td>
+                    <td id="data_number_12" class="data_bar_alarm_number" onclick="show_all_fireAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_title_2" colspan=2 class="data_bar_title" onclick="show_all_efireAlarm()">电气火灾监控</td>
+                    <td id="data_pie_2" rowspan=3 style="width:100px" onclick="show_all_efireAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_label_21" class="data_bar_total_label" onclick="show_all_efireAlarm()">报告总数</td>
+                    <td id="data_number_21" class="data_bar_total_number" onclick="show_all_efireAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_label_22" class="data_bar_alarm_label" onclick="show_all_efireAlarm()">待处理</td>
+                    <td id="data_number_22" class="data_bar_alarm_number" onclick="show_all_efireAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_title_3" colspan=2 class="data_bar_title" onclick="show_all_waterAlarm()">水系统监控</td>
+                    <td id="data_pie_3" rowspan=3 style="width:100px" onclick="show_all_waterAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_label_31" class="data_bar_total_label" onclick="show_all_waterAlarm()">报告总数</td>
+                    <td id="data_number_31" class="data_bar_total_number" onclick="show_all_waterAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_label_32" class="data_bar_alarm_label" onclick="show_all_waterAlarm()">待处理</td>
+                    <td id="data_number_32" class="data_bar_alarm_number" onclick="show_all_waterAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_title_4" colspan=2 class="data_bar_title" onclick="show_all_rtuAlarm()">RTU监控</td>
+                    <td id="data_pie_4" rowspan=3 style="width:100px" onclick="show_all_rtuAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_label_41" class="data_bar_total_label" onclick="show_all_rtuAlarm()">报告总数</td>
+                    <td id="data_number_41" class="data_bar_total_number" onclick="show_all_rtuAlarm()"></td>
+                </tr>
+                <tr>
+                    <td id="data_label_42" class="data_bar_alarm_label" onclick="show_all_rtuAlarm()">待处理</td>
+                    <td id="data_number_42" class="data_bar_alarm_number" onclick="show_all_rtuAlarm()"></td>
+                </tr>
+            </table>
+            <table id="device_bar_table" style="position:absolute;top:561px;left:41px;width:280px;">
+                <tr>
+                    <td id="device_title_1" colspan=2 class="device_info_title" onclick="show_all_fireDevice()">火灾监控设备</td>
+                    <td id="device_count_1" class="align_right device_info" onclick="show_all_fireDevice()">总数:<span id="device_count_num_11" class="device_confirm_num0">0</span></td>
+                </tr>
+                <tr>
+                    <td id="device_confirm_11" class="device_info" onclick="show_all_fireDevice()">已处理:<span id="device_count_num_12" class="device_confirm_num1">0</span></td>
+                    <td id="device_confirm_12" class="device_info" onclick="show_all_fireDevice()">待处理:<span id="device_count_num_13" class="device_confirm_num2">0</span></td>
+                    <td id="device_confirm_13" class="align_right device_info" onclick="show_all_fireDevice()">处置率:<span id="device_count_num_14" class="device_confirm_num3">0%</span></td>
+                </tr>
+                <tr>
+                    <td colspan=3 style="height:28px;" onclick="show_all_fireDevice()">
+                    <div style="border:0px solid #000;border-radius:3px;width:280px;height:6px;background-color:rgba(255,255,255,0.1);">
+                        <div id="device_confirm_14" style="border:0px solid #00a7d1;margin:0px;padding:0px;border-radius:3px;height:6px;width:280px;background-color:#00a7d1"></div>
+                    </div>
+                    </td>
+                </tr>
+                <tr>
+                    <td id="device_title_2" colspan=2 class="device_info_title" onclick="show_all_efireDevice()">电气火灾监控设备</td>
+                    <td id="device_count_2" class="align_right device_info" onclick="show_all_efireDevice()">总数:<span id="device_count_num_21" class="device_confirm_num0">0</span></td>
+                </tr>
+                <tr>
+                    <td id="device_confirm_21" class="device_info" onclick="show_all_efireDevice()">已处理:<span id="device_count_num_22" class="device_confirm_num1">0</span></td>
+                    <td id="device_confirm_22" class="device_info" onclick="show_all_efireDevice()">待处理:<span id="device_count_num_23" class="device_confirm_num2">0</span></td>
+                    <td id="device_confirm_23" class="align_right device_info" onclick="show_all_efireDevice()">处置率:<span id="device_count_num_24" class="device_confirm_num3">0%</span></td>
+                </tr>
+                <tr>
+                    <td colspan=3 style="height:28px;" onclick="show_all_efireDevice()">
+                    <div style="border:0px solid #000;border-radius:3px;width:280px;height:6px;background-color:rgba(255,255,255,0.1);">
+                        <div id="device_confirm_24" style="border:0px solid #00a7d1;margin:0px;padding:0px;border-radius:3px;height:6px;width:280px;background-color:#00a7d1"></div>
+                    </div>
+                    </td>
+                </tr>
+                <tr>
+                    <td id="device_title_3" colspan=2 class="device_info_title" onclick="show_all_waterDevice()">水系统监控设备</td>
+                    <td id="device_count_3" class="align_right device_info" onclick="show_all_waterDevice()">总数:<span id="device_count_num_31" class="device_confirm_num0">0</span></td>
+                </tr>
+                <tr>
+                    <td id="device_confirm_31" class="device_info" onclick="show_all_waterDevice()">已处理:<span id="device_count_num_32" class="device_confirm_num1">0</span></td>
+                    <td id="device_confirm_32" class="device_info" onclick="show_all_waterDevice()">待处理:<span id="device_count_num_33" class="device_confirm_num2">0</span></td>
+                    <td id="device_confirm_33" class="align_right device_info" onclick="show_all_waterDevice()">处置率:<span id="device_count_num_34" class="device_confirm_num3">0%</span></td>
+                </tr>
+                <tr>
+                    <td colspan=3 style="height:28px;" onclick="show_all_waterDevice()">
+                    <div style="border:0px solid #000;border-radius:3px;width:280px;height:6px;background-color:rgba(255,255,255,0.1);">
+                        <div id="device_confirm_34" style="border:0px solid #00a7d1;margin:0px;padding:0px;border-radius:3px;height:6px;width:280px;background-color:#00a7d1"></div>
+                    </div>
+                    </td>
+                </tr>
+                <tr>
+                    <td id="device_title_4" colspan=2 class="device_info_title" onclick="show_all_rtuDevice()">RTU监控设备</td>
+                    <td id="device_count_4" class="align_right device_info" onclick="show_all_rtuDevice()">总数:<span id="device_count_num_41" class="device_confirm_num0">0</span></td>
+                </tr>
+                <tr>
+                    <td id="device_confirm_41" class="device_info" onclick="show_all_rtuDevice()">已处理:<span id="device_count_num_42" class="device_confirm_num1">0</span></td>
+                    <td id="device_confirm_42" class="device_info" onclick="show_all_rtuDevice()">待处理:<span id="device_count_num_43" class="device_confirm_num2">0</span></td>
+                    <td id="device_confirm_43" class="align_right device_info" onclick="show_all_rtuDevice()">处置率:<span id="device_count_num_44" class="device_confirm_num3">0%</span></td>
+                </tr>
+                <tr>
+                    <td colspan=3 style="height:28px;" onclick="show_all_rtuDevice()">
+                    <div style="border:0px solid #000;border-radius:3px;width:280px;height:6px;background-color:rgba(255,255,255,0.1);">
+                        <div id="device_confirm_44" style="border:0px solid #00a7d1;margin:0px;padding:0px;border-radius:3px;height:6px;width:280px;background-color:#00a7d1"></div>
+                    </div>
+                    </td>
+                </tr>
+            </table>
+        </div>
+    </div> -->
+    <div id="map_btn_bigger" class="map_btn map_btn_bigger_off" onmouseover="bigger_mouseover();"
+         onmouseout="bigger_mouseout();" onclick="bigger_click();"></div>
+    <div id="map_btn_smaller" class="map_btn map_btn_smaller_off" onmouseover="smaller_mouseover();"
+         onmouseout="smaller_mouseout();" onclick="smaller_click();"></div>
+    <div id="map_btn_showlaebl" class="map_btn map_btn_showlaebl_off" onmouseover="shower_mouseover();"
+         onmouseout="shower_mouseout();" onclick="shower_click();"></div>
+    <div id="map_btn_left" class="map_btn map_btn_left_off" onmouseover="left_mouseover();"
+         onmouseout="left_mouseout();" onclick="left_click();"></div>
+    <div id="map_btn_right" class="map_btn map_btn_right_off" onmouseover="right_mouseover();"
+         onmouseout="right_mouseout();" onclick="right_click();"></div>
+    <div id="map_btn_high" class="map_btn map_btn_high_off" onmouseover="higher_mouseover();"
+         onmouseout="higher_mouseout();" onclick="higher_click();"></div>
+    <div id="map_btn_low" class="map_btn map_btn_low_off" onmouseover="lower_mouseover();"
+         onmouseout="lower_mouseout();" onclick="lower_click();"></div>
 </div>
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>
 <input type="hidden" id="basePath" name="basePath" value="<%=basePath %>"/>
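Review bot: `loginname` and `password` are still read from the request at the top of this hunk without any check, while only the alarm-type values and `company_code` pass through `myRegex`. Where they are used is outside the visible lines, so if either is written into the page it is still unescaped; the same holds for `dwtype`, `level` and `objid` in query.jsp. Escaping at the point of output (for example `<c:out value="${param.loginname}"/>`) would cover these and any parameter added later, rather than filtering each one by hand. The rejection fallbacks are also inconsistent: `viewAlarmType = "";` but `pieAlarmType = null;` and `statusType = null;`, which `<%= %>` would print as `null`. The kept test `company_code == "null"` compares references, so the value check is `"null".equals(company_code)`.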

+ 48 - 30
WebRoot/view/frontpage/query.jsp

@@ -1,10 +1,12 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String dwtype = request.getParameter("dwtype");
     String level = request.getParameter("level");
     String objid = request.getParameter("objid");
@@ -12,37 +14,53 @@
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
-    }else
-    	theme="";
+    if(company_code==null)
+        company_code = "";
+    if (!myRegex(company_code)){
+        company_code = "";
+    }
+
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    } else
+        theme = "";
+%>
+<%!
+    public boolean myRegex (String str){
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
+    }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/frontpage/scripts/query.js" %>"></script>
-<title>火警监控报告</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/frontpage/scripts/query.js" %>"></script>
+    <title>火警监控报告</title>
 </head>
 <body style="overflow:hidden;">
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>
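Review bot: `dwtype`, `level` and `objid` are still read straight from the request at the top of the scriptlet and get no check in either hunk, while only `company_code` and `theme` are filtered. If those three are written into the page further down (outside the hunk), they need the same allow-list, or better, encoding at the point of output, e.g. `<c:out value="${param.objid}"/>` if JSTL is usable from this page. Filtering in the scriptlet alone leaves any later `<%= %>` of a request value unprotected.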

+ 25 - 1
WebRoot/view/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -14,12 +16,24 @@
     String company_code = request.getParameter("company_code");
     if(viewAlarmType==null)
     	viewAlarmType="11110010";
+	if (!myRegex(viewAlarmType)){
+		viewAlarmType = null;
+	}
     if(pieAlarmType==null)
     	pieAlarmType="11110010";
+	if (!myRegex(pieAlarmType)){
+		pieAlarmType = null;
+	}
     if(statusType==null)
     	statusType="11110010";
+	if (!myRegex(statusType)){
+		statusType = "";
+	}
     if((company_code==null)||(company_code=="null"))
     	company_code = "";
+	if (!myRegex(company_code)){
+		company_code = null;
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -37,9 +51,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 
 <html>
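Review bot: The rejected values are reset inconsistently in the second hunk: `viewAlarmType`, `pieAlarmType` and `company_code` become `null`, while `statusType` becomes `""`. A `<%= %>` expression prints a null reference as the text `null`, so a rejected value would presumably reach the page scripts as that string rather than as the default. Falling back to the default keeps the page working, e.g. `if (viewAlarmType == null || !myRegex(viewAlarmType)) viewAlarmType = "11110010";`, and likewise `company_code = "";`. The context line `company_code=="null"` compares references rather than contents and should read `"null".equals(company_code)`.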

+ 16 - 1
WebRoot/view/inspectionrecord/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>
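Review bot: `myRegex(company_code)` in the second hunk can be reached with a null argument, because the guard above it, `company_code=="null"`, is a reference comparison with a literal and does nothing for a missing parameter. Assuming `company_code` comes from `request.getParameter` as in liftAlarm/index.jsp, a request without it makes `pattern.matcher(str)` throw a NullPointerException, and the page fails with a server error instead of falling back to an empty code. `if (company_code == null || !myRegex(company_code)) { company_code = ""; }` covers both cases. The same sequence appears in liftAlarm/index.jsp, maintenance/index.jsp, maintenanceplan/index.jsp, maintenancerecord/index.jsp, patrolplan/index.jsp and patrolpoint/index.jsp.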

+ 18 - 1
WebRoot/view/inspectors/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -9,6 +11,11 @@
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
     String company_code = request.getParameter("company_code");
+	if(company_code==null)
+		company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -26,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>
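Review bot: `myRegex` in the last hunk is declared again in each JSP that validates `company_code`, and it compiles the pattern on every call. One shared static helper would keep the rule in one place, with the pattern held as `private static final Pattern DIGITS = Pattern.compile("[0-9]*");` and the check written as `return s != null && DIGITS.matcher(s).matches();`. A name that says what is accepted, such as `isDigitsOnly`, together with a comment that the empty string passes, would make the call sites easier to read.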

+ 53 - 38
WebRoot/view/liftAlarm/index.jsp

@@ -1,53 +1,68 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String company_code = request.getParameter("company_code");
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(company_code=="null")
-    	company_code="";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
-    }else
-    	theme = "";
+    if (company_code == "null")
+        company_code = "";
+    if (!myRegex(company_code)) {
+        company_code = "";
+    }
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    } else
+        theme = "";
+%>
+<%!
+    public boolean myRegex (String str){
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
+    }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/liftAlarm/scripts/liftOption.js" %>"></script>
-<title>电梯监控报告</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/liftAlarm/scripts/liftOption.js" %>"></script>
+    <title>电梯监控报告</title>
 </head>
 <body style="overflow:hidden;">
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>
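Review bot: The new `else { theme = null; }` branch makes the hidden input at the end of the hunk, `value="<%=theme %>"`, print the text `null` for an unrecognised theme, whereas a missing theme prints an empty value. Writing `theme = "";` in that branch gives both cases the same output. The same branch feeds the same hidden input in query.jsp and liftDeviceindex.jsp.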

+ 45 - 30
WebRoot/view/liftAlarm/liftDeviceindex.jsp

@@ -1,46 +1,61 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String company_code = request.getParameter("company_code");
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(company_code==null)
-    	company_code="";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
+    if (company_code == null)
+        company_code = "";
+    if (!myRegex(company_code)) {
+        company_code = "";
+    }
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    }
+%>
+<%!
+    public boolean myRegex (String str){
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
     }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/liftAlarm/scripts/liftDeviceIndex.js" %>"></script>
-<title>电梯监控报告</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/liftAlarm/scripts/liftDeviceIndex.js" %>"></script>
+    <title>电梯监控报告</title>
 </head>
 <body style="overflow:hidden;">
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>
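Review bot: `basePath` is assembled from `request.getScheme()`, `request.getServerName()` and `request.getServerPort()` and then written unencoded into every `href` and `src` in the head, so the asset URLs follow whatever host name the request carried. Unless the container or a front proxy pins the host name, the stylesheet and script URLs should not depend on it; context-relative URLs such as `href="<%=path + "/res/img/myImages.css" %>"` avoid the dependency. The same construction is on the new side of query.jsp and liftAlarm/index.jsp.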

+ 16 - 1
WebRoot/view/liftAlarm/subliftAlarm.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme="";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/liftAlarm/subliftDevice.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 3 - 0
WebRoot/view/mainframe.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>

+ 16 - 1
WebRoot/view/maintenance/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 18 - 1
WebRoot/view/maintenanceperson/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -9,6 +11,11 @@
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
     String company_code = request.getParameter("company_code");
+	if(company_code==null)
+		company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -26,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 16 - 1
WebRoot/view/maintenanceplan/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 16 - 1
WebRoot/view/maintenancerecord/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 3 - 0
WebRoot/view/patrolAnalysis/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>

+ 3 - 0
WebRoot/view/patrolAnalysis2/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>

+ 16 - 1
WebRoot/view/patrolplan/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 16 - 1
WebRoot/view/patrolpoint/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 18 - 1
WebRoot/view/proform/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -9,6 +11,11 @@
     String company_code = request.getParameter("company_code");
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
+	if(company_code==null)
+		company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -26,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 18 - 1
WebRoot/view/proform2/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -9,6 +11,11 @@
     String company_code = request.getParameter("company_code");
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
+	if(company_code==null)
+		company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -26,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 18 - 1
WebRoot/view/proform3/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -8,6 +10,11 @@
     String t = String.valueOf(System.currentTimeMillis());
     String company_code = request.getParameter("company_code");
     String theme = request.getParameter("theme");
+	if(company_code==null)
+		company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     String css_name = "ext-all-access.css";
     if(theme!=null){
     	if(theme.equals("gray"))
@@ -26,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 18 - 1
WebRoot/view/proform4/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -9,6 +11,11 @@
     String company_code = request.getParameter("company_code");
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
+	if(company_code==null)
+		company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -26,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 18 - 1
WebRoot/view/proform5/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -9,6 +11,11 @@
     String company_code = request.getParameter("company_code");
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
+	if(company_code==null)
+		company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -26,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 3 - 0
WebRoot/view/projectWoker/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>

+ 3 - 0
WebRoot/view/pzb/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 18 - 1
WebRoot/view/qrcodeanalysis/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -9,6 +11,11 @@
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
     String company_code = request.getParameter("company_code");
+	if(company_code==null)
+		company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -26,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>
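Review bot: The `myRegex` helper added in the `<%! %>` declaration is pasted unchanged into every JSP this commit touches, and its name does not say what it accepts, which makes the validation rule hard to audit or change in one place. It also recompiles the pattern on every call, and the `^`/`$` anchors are redundant because `Matcher.matches()` already requires the whole input to match. I would move it into one shared helper class (or a statically included fragment) under a name such as `isDigitsOnly`, holding `private static final Pattern DIGITS = Pattern.compile("[0-9]*");` and returning `DIGITS.matcher(str).matches()`. A short comment stating that the empty string is accepted on purpose would help the next reader.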

+ 18 - 1
WebRoot/view/qrcodeanalysis2/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -9,6 +11,11 @@
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
     String company_code = request.getParameter("company_code");
+	if(company_code==null)
+		company_code = "";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -26,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 16 - 1
WebRoot/view/route/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>
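Review bot: The added `myRegex(company_code)` call can receive null here, because the unchanged guard just above it is `company_code=="null"`, a reference comparison with a string literal that does not catch a missing value. If company_code comes from `request.getParameter`, as it does in the rtuAlarm/index.jsp section of this commit, a request without that parameter reaches `pattern.matcher(null)`, which throws NullPointerException and fails the page. The guard should be `if (company_code == null || !myRegex(company_code)) company_code = "";`. The same pairing appears in route2/index.jsp, rtuAlarm/index.jsp, videoAlarm/index.jsp, videoCam/index.jsp and xhxx/index.jsp. The declaration of company_code is above this hunk.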

+ 16 - 1
WebRoot/view/route2/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>

+ 16 - 1
WebRoot/view/rtuAlarm/RtuDeviceIndex.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 53 - 38
WebRoot/view/rtuAlarm/index.jsp

@@ -1,53 +1,68 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+         pageEncoding="UTF-8" %>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
-    String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
-    String baseUrl = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/";
+    String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
+    String baseUrl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/";
     String company_code = request.getParameter("company_code");
     String t = String.valueOf(System.currentTimeMillis());
     String theme = request.getParameter("theme");
     String css_name = "ext-all-access.css";
-    if(company_code=="null")
-    	company_code="";
-    if(theme!=null){
-    	if(theme.equals("gray"))
-    		css_name = "ext-all-gray.css";
-    	else if(theme.equals("access"))
-    		css_name = "ext-all-access.css";
-    	else if(theme.equals("neptune"))
-    		css_name = "ext-neptune.css";
-    	else if(theme.equals("default"))
-    		css_name = "ext-all.css";
-    	else if(theme.equals("scoped"))
-    		css_name = "ext-all-scoped";
-    	else if(theme.equals("ie"))
-    		css_name = "ext-ie.css";
-    	else if(theme.equals("sandbox"))
-    		css_name = "ext-sandbox.css";
-    	else if(theme.equals("standard"))
-    		css_name = "ext-standard.css";
-    }else
-    	theme = "";
+    if (company_code == "null")
+        company_code = "";
+    if (!myRegex(company_code)) {
+        company_code = "";
+    }
+    if (theme != null) {
+        if (theme.equals("gray"))
+            css_name = "ext-all-gray.css";
+        else if (theme.equals("access"))
+            css_name = "ext-all-access.css";
+        else if (theme.equals("neptune"))
+            css_name = "ext-neptune.css";
+        else if (theme.equals("default"))
+            css_name = "ext-all.css";
+        else if (theme.equals("scoped"))
+            css_name = "ext-all-scoped";
+        else if (theme.equals("ie"))
+            css_name = "ext-ie.css";
+        else if (theme.equals("sandbox"))
+            css_name = "ext-sandbox.css";
+        else if (theme.equals("standard"))
+            css_name = "ext-standard.css";
+        else {
+            theme = null;
+        }
+    } else
+        theme = "";
+%>
+<%!
+    public boolean myRegex (String str){
+        Pattern pattern = Pattern.compile("^[0-9]*$");
+        Matcher matcher = pattern.matcher(str);
+        return matcher.matches();
+    }
 %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
-<link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/ext-all.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
-<script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
-<script type="text/javascript" src ="<%=basePath+"view/rtuAlarm/scripts/rtuOption.js" %>"></script>
-<title>火警监控报告</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/extjs/resources/css/"+css_name %>"/>
+    <link type="text/css" rel="stylesheet" href="<%=basePath+"res/img/myImages.css" %>"/>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/ext-all.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/extjs/locale/ext-lang-zh_CN.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/jquery/jquery-3.3.1.min.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-3d.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/highcharts-more.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/solid-gauge.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/exporting.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"res/highcharts/code/modules/export-data.js" %>"></script>
+    <script type="text/javascript" src="<%=basePath+"view/rtuAlarm/scripts/rtuOption.js" %>"></script>
+    <title>火警监控报告</title>
 </head>
 <body style="overflow:hidden;">
 <input type="hidden" id="theme" name="theme" value="<%=theme %>"/>
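Review bot: In the re-indented theme chain the `scoped` branch assigns `css_name = "ext-all-scoped"` with no `.css` suffix, unlike every other branch, so the stylesheet link built from `basePath+"res/extjs/resources/css/"+css_name` probably points at a file that does not exist. The value is carried over unchanged from the old side, so this looks like a long-standing typo rather than something this commit introduced. `css_name = "ext-all-scoped.css";` is presumably what was meant. The chain is only partly visible in the other JSP hunks, so they are worth checking too.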

+ 16 - 1
WebRoot/view/rtuAlarm/subRtuAlarm.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme="";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/rtuAlarm/subRtuDevice.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/rtuAlarm/window.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 3 - 0
WebRoot/view/springhandle/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }
 %>
 <!DOCTYPE html>

+ 28 - 1
WebRoot/view/test.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -10,6 +12,21 @@
     String viewAlarmType = request.getParameter("viewAlarmType");
     String pieAlarmType = request.getParameter("pieAlarmType");
     String statusType = request.getParameter("statusType");
+	if (viewAlarmType == null)
+		viewAlarmType = "11110010";
+	if (!myRegex(viewAlarmType)) {
+		viewAlarmType = "";
+	}
+	if (pieAlarmType == null)
+		pieAlarmType = "11110010";
+	if (!myRegex(pieAlarmType)) {
+		pieAlarmType = null;
+	}
+	if (statusType == null)
+		statusType = "11110010";
+	if (!myRegex(statusType)) {
+		statusType = null;
+	}
     String css_name = "ext-all-access.css";
     if(theme!=null){
     	if(theme.equals("gray"))
@@ -28,9 +45,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>
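Review bot: The three added validation blocks fall back differently: an invalid `viewAlarmType` becomes `""`, while an invalid `pieAlarmType` or `statusType` becomes `null`, and a missing value becomes `"11110010"` in all three. Nothing in the hunk explains the difference, and a null that is later written with a JSP expression is rendered as the text `null`. I would give all three the same fallback, for example `pieAlarmType = "";` and `statusType = "";`, and add a one-line comment saying what `"11110010"` encodes. How the three values are used lies below the visible hunks.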

+ 16 - 1
WebRoot/view/videoAlarm/VideoDeviceIndex.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/videoAlarm/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/videoAlarm/subVideoAlarm.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme = null;
+		}
     }else
     	theme="";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/videoAlarm/subVideoDevice.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/videoAlarm/window.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/videoCam/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -12,6 +14,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -29,9 +34,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 3 - 0
WebRoot/view/videoTest/index.jsp

@@ -26,6 +26,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>

+ 16 - 1
WebRoot/view/waterAlarm/WaterDeviceIndex.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/waterAlarm/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/waterAlarm/subWaterAlarm.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,19 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }else
     	theme="";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/waterAlarm/subWaterBattery.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/waterAlarm/subWaterDevice.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 16 - 1
WebRoot/view/waterAlarm/subWaterSignal.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 17 - 1
WebRoot/view/waterAlarm/window.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code==null)
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,9 +33,20 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+
+		}
     }else
     	theme = "";
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>

+ 3 - 0
WebRoot/view/waterAnalysis/index.jsp

@@ -25,6 +25,9 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+    	else {
+    		theme=null;
+		}
     }else
     	theme = "";
 %>

+ 16 - 1
WebRoot/view/xhxx/index.jsp

@@ -1,5 +1,7 @@
+<%@ page import="java.util.regex.Pattern" %>
+<%@ page import="java.util.regex.Matcher" %>
 <%@ page language="java" contentType="text/html; charset=UTF-8"
-    pageEncoding="UTF-8"%>
+		 pageEncoding="UTF-8"%>
 <%@ page session="true" %>
 <%
     String path = request.getContextPath();
@@ -11,6 +13,9 @@
     String css_name = "ext-all-access.css";
     if(company_code=="null")
     	company_code="";
+	if (!myRegex(company_code)){
+		company_code = "";
+	}
     if(theme!=null){
     	if(theme.equals("gray"))
     		css_name = "ext-all-gray.css";
@@ -28,8 +33,18 @@
     		css_name = "ext-sandbox.css";
     	else if(theme.equals("standard"))
     		css_name = "ext-standard.css";
+		else {
+			theme = null;
+		}
     }
 %>
+<%!
+	public boolean myRegex (String str){
+		Pattern pattern = Pattern.compile("^[0-9]*$");
+		Matcher matcher = pattern.matcher(str);
+		return matcher.matches();
+	}
+%>
 <!DOCTYPE html>
 <html>
 <head>
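Review bot: The added `myRegex(company_code)` call in the second hunk can be reached with a null argument, because the context line above it tests `company_code=="null"` (a reference comparison against a string literal) instead of testing for null as WebRoot/view/waterAlarm/window.jsp does; `pattern.matcher(null)` then throws a NullPointerException instead of falling back to the empty code. How `company_code` is assigned is outside the hunk, so whether null can arrive here is inferred from the sibling page. Folding the null case into the new guard covers both: `if (company_code == null || !myRegex(company_code)) {`. Separately, `myRegex` is declared identically in this file and in window.jsp and compiles its pattern on every call. A shared static helper with a descriptive name such as `isDigitsOnly`, backed by a `private static final Pattern`, would keep the allow-list in one place.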

+ 4 - 0
src/cn/com/usky/iot/controller/AdminController.java

@@ -59,6 +59,7 @@ public class AdminController {
 			json.put("check", false);
 			json.put("errMsg", "权限错误,请重新登录");
 			mav.addObject("ret_str", json.toJSONString());
+			return mav;
 		}
 		mav.setViewName("return");
 		//通过获取用户信息
@@ -93,6 +94,7 @@ public class AdminController {
 			json.put("check", false);
 			json.put("errMsg", "权限错误,请重新登录");
 			mav.addObject("ret_str", json.toJSONString());
+			return mav;
 		}
 		mav.setViewName("return");
 		//通过获取用户信息
@@ -122,6 +124,7 @@ public class AdminController {
 			json.put("check", false);
 			json.put("errMsg", "权限错误,请重新登录");
 			mav.addObject("ret_str", json.toJSONString());
+			return mav;
 		}
 		mav.setViewName("return");
 		//通过获取用户信息
@@ -148,6 +151,7 @@ public class AdminController {
 			json.put("check", false);
 			json.put("errMsg", "权限错误,请重新登录");
 			mav.addObject("ret_str", json.toJSONString());
+			return mav;
 		}
 		mav.setViewName("return");
 		//通过获取用户信息
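Review bot: Each added `return mav;` leaves the permission-error branch before the `mav.setViewName("return");` that follows the `if`, so the denied response may be returned without the view that renders `ret_str`. Where `mav` is constructed is outside these hunks; if it is created without a view name, Spring would fall back to a default view derived from the request path and the JSON error would not reach the client. Setting the view inside the branch, `mav.setViewName("return");` immediately before `return mav;`, or moving the existing call above the check, keeps the deny path explicit. This applies to all four hunks here and to the matching hunks in AlarmViewController.java and AnalysisViewController.java; the enclosing methods start and end outside the hunks.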

+ 1 - 0
src/cn/com/usky/iot/controller/AlarmViewController.java

@@ -255,6 +255,7 @@ public class AlarmViewController {
             json.put("check", false);
             json.put("errMsg", "权限错误,请重新登录");
             mav.addObject("ret_str", json.toJSONString());
+            return mav;
         }
         mav.setViewName("return");
         //通过获取用户信息

+ 1 - 0
src/cn/com/usky/iot/controller/AnalysisViewController.java

@@ -52,6 +52,7 @@ public class AnalysisViewController {
             json.put("check", false);
             json.put("errMsg", "权限错误,请重新登录");
             mav.addObject("ret_str", json.toJSONString());
+            return mav;
         }
         mav.setViewName("return");
         //通过获取用户信息

Alguns arquivos não foram mostrados porque muitos arquivos mudaram nesse diff