南网漏洞修复

liang.chao 2024-10-10 10:04:11 +08:00
parent 3a8119b61b
commit 2ac4a5aae6
2 changed files with 16 additions and 8 deletions


@ -60,7 +60,7 @@ public class SysFileController {
ErrorCode.ATTACHMENT_UPLOAD_FAILED.getMessage()); ErrorCode.ATTACHMENT_UPLOAD_FAILED.getMessage());
} }
}catch (Exception e){ }catch (Exception e){
log.error(e.getMessage()); return AjaxResult.error(e.getMessage());
} }
if (file != null && file.getId() != 0){ if (file != null && file.getId() != 0){
return AjaxResult.success(file); return AjaxResult.success(file);
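Review bot: The new catch body `return AjaxResult.error(e.getMessage());` returns the raw message of every `Exception` to the client and drops the earlier `log.error` call. Storage, I/O or null-pointer messages can therefore reach the caller, while the server keeps no record of the failure. I would keep a log line that includes the throwable and return a fixed text for unexpected errors, for example `log.error("file upload failed", e); return AjaxResult.error(ErrorCode.ATTACHMENT_UPLOAD_FAILED.getMessage());`. Only the "unsupported format" rejection needs its own text passed through, and that is easier to do safely with a dedicated exception type than with a bare `Exception`. The method begins and ends outside this hunk, so the surrounding flow is not visible here.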


@ -53,6 +53,8 @@ public class SysFileServiceImpl implements SysFileService {
*/ */
@Value("${file.path}") @Value("${file.path}")
private String localFilePath; private String localFilePath;
// 允许的文件格式
private static final List<String> ALLOWED_EXTENSIONS = Arrays.asList("jpg", "jpeg", "txt", "png", "pdf", "docx", "doc", "xlsx", "xls");
@Resource @Resource
private FileClient fileClient; private FileClient fileClient;
@ -68,11 +70,16 @@ public class SysFileServiceImpl implements SysFileService {
public FileInfo uploadFile(HttpServletRequest request) throws Exception { public FileInfo uploadFile(HttpServletRequest request) throws Exception {
FileInfo file = new FileInfo(); FileInfo file = new FileInfo();
StandardMultipartHttpServletRequest req = (StandardMultipartHttpServletRequest) request; StandardMultipartHttpServletRequest req = (StandardMultipartHttpServletRequest) request;
// String photoType = req.getParameter("fileType"); // String photoType = req.getParameter("fileType");
Long userId = SecurityUtils.getLoginUser().getUserid(); Long userId = SecurityUtils.getLoginUser().getUserid();
HashMap<String, Object> map = getFile(req); HashMap<String, Object> map = getFile(req);
List<MultipartFile> items = (List<MultipartFile>) map.get("filePath"); List<MultipartFile> items = (List<MultipartFile>) map.get("filePath");
MultipartFile item = items.get(0); MultipartFile item = items.get(0);
// 获取文件后缀名
String fileExtension = item.getOriginalFilename().substring(item.getOriginalFilename().lastIndexOf(".") + 1);
if (!ALLOWED_EXTENSIONS.contains(fileExtension.toLowerCase())) {
throw new Exception("不支持该文件格式");
}
try { try {
//String url = saveFile(request, item, photoType); //String url = saveFile(request, item, photoType);
/*AjaxResult res = fileClient.uploadFile(item); /*AjaxResult res = fileClient.uploadFile(item);
@ -84,7 +91,7 @@ public class SysFileServiceImpl implements SysFileService {
String type = fileName.substring(fileName.lastIndexOf(".") + 1); String type = fileName.substring(fileName.lastIndexOf(".") + 1);
long size = item.getSize() / 1024 / 1024; long size = item.getSize() / 1024 / 1024;
file.setFileName(fileName); file.setFileName(fileName);
log.info("文件名为:{}",fileName); log.info("文件名为:{}", fileName);
file.setFileUrl(url); file.setFileUrl(url);
file.setCreator(userId.toString()); file.setCreator(userId.toString());
file.setType(type); file.setType(type);
@ -102,6 +109,7 @@ public class SysFileServiceImpl implements SysFileService {
/** /**
* 腾讯云文件上传 * 腾讯云文件上传
*
* @param file * @param file
* @return * @return
*/ */
@ -126,7 +134,7 @@ public class SysFileServiceImpl implements SysFileService {
String key = IdUtils.fastSimpleUuid() + file.getOriginalFilename(); String key = IdUtils.fastSimpleUuid() + file.getOriginalFilename();
//对上传文件分组根据当前日期 /2024/04/02 //对上传文件分组根据当前日期 /2024/04/02
String dateTime = new DateTime().toString("yyyy/MM/dd"); String dateTime = new DateTime().toString("yyyy/MM/dd");
key = dateTime+"/"+key; key = dateTime + "/" + key;
try { try {
//获取上传文件输入流 //获取上传文件输入流
InputStream inputStream = file.getInputStream(); InputStream inputStream = file.getInputStream();
@ -139,9 +147,9 @@ public class SysFileServiceImpl implements SysFileService {
// 高级接口会返回一个异步结果Upload // 高级接口会返回一个异步结果Upload
PutObjectResult putObjectResult = cosClient.putObject(putObjectRequest); PutObjectResult putObjectResult = cosClient.putObject(putObjectRequest);
// 返回上传文件路径:https://ggkt-atguigu-1310644373.cos.ap-beijing.myqcloud.com/01.jpg // 返回上传文件路径:https://ggkt-atguigu-1310644373.cos.ap-beijing.myqcloud.com/01.jpg
return "https://" + bucketName + "." + "cos" + "." + ConstantPropertiesUtil.END_POINT+".myqcloud.com" + "/" + key; return "https://" + bucketName + "." + "cos" + "." + ConstantPropertiesUtil.END_POINT + ".myqcloud.com" + "/" + key;
} catch (Exception e) { } catch (Exception e) {
log.error(e.getMessage()); log.error(e.getMessage());
} }
return null; return null;
} }
@ -153,7 +161,7 @@ public class SysFileServiceImpl implements SysFileService {
* @throws Exception * @throws Exception
*/ */
@Override @Override
public FileInfo uploadHeadPic(MultipartFile item,String fileType) { public FileInfo uploadHeadPic(MultipartFile item, String fileType) {
FileInfo file = new FileInfo(); FileInfo file = new FileInfo();
Long userId = SecurityUtils.getLoginUser().getUserid(); Long userId = SecurityUtils.getLoginUser().getUserid();
try { try {
@ -205,7 +213,7 @@ public class SysFileServiceImpl implements SysFileService {
String tmpName = multipartFile.getOriginalFilename(); String tmpName = multipartFile.getOriginalFilename();
tmpName = tmpName.substring(tmpName.lastIndexOf("\\") + 1); tmpName = tmpName.substring(tmpName.lastIndexOf("\\") + 1);
tmpName = IdUtil.fastSimpleUUID() + System.currentTimeMillis() + tmpName.substring(tmpName.lastIndexOf("."), tmpName.length()); tmpName = IdUtil.fastSimpleUUID() + System.currentTimeMillis() + tmpName.substring(tmpName.lastIndexOf("."), tmpName.length());
String imageFiles = localFilePath+ "/" + fileType + "/"; String imageFiles = localFilePath + "/" + fileType + "/";
String os = System.getProperty("os.name"); String os = System.getProperty("os.name");
if (os.toLowerCase().startsWith(GlobalConstants.STRING_WIN)) { if (os.toLowerCase().startsWith(GlobalConstants.STRING_WIN)) {
imageFiles = "D://files/" + fileType + "/"; imageFiles = "D://files/" + fileType + "/";
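Review bot: In `uploadFile` (hunk `-68,11 +70,16`) the added extension check calls `item.getOriginalFilename()` without a null guard, so a part with no filename fails with a NullPointerException instead of the intended rejection. A name without a dot makes `lastIndexOf(".")` return -1, so the whole name is compared and a file named just `pdf` is accepted. The check also covers only `items.get(0)` and trusts the client-supplied name rather than the content. The later hunks show `uploadHeadPic`, the COS key built from `file.getOriginalFilename()`, and the local path built from `fileType`; none of them visibly calls the allowlist, so it is worth confirming that they cannot be reached with an unchecked file. A tighter version of the added lines is below; the rest of `uploadFile` lies outside the hunk.

```java
MultipartFile item = items.get(0);
// Reject parts with no filename, no dot, or a trailing dot before consulting the allowlist.
String originalName = item.getOriginalFilename();
int dot = (originalName == null) ? -1 : originalName.lastIndexOf('.');
if (dot < 0 || dot == originalName.length() - 1) {
    throw new Exception("不支持该文件格式");
}
String fileExtension = originalName.substring(dot + 1).toLowerCase();
if (!ALLOWED_EXTENSIONS.contains(fileExtension)) {
    throw new Exception("不支持该文件格式");
}
// … unchanged: try block that stores the file and fills FileInfo …
```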