bonus
/
gzdevicemgt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

南网漏洞修复

This commit is contained in:
liang.chao 2024-10-10 10:04:11 +08:00
parent 3a8119b61b
commit 2ac4a5aae6
2 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysFileController.java
View File

@ -60,7 +60,7 @@ public class SysFileController {
ErrorCode.ATTACHMENT_UPLOAD_FAILED.getMessage());
}
}catch (Exception e){
log.error(e.getMessage());
return AjaxResult.error(e.getMessage());
}
if (file != null && file.getId() != 0){
return AjaxResult.success(file);

18
sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/service/impl/SysFileServiceImpl.java
View File

@ -53,6 +53,8 @@ public class SysFileServiceImpl implements SysFileService {
*/
@Value("${file.path}")
private String localFilePath;
// 允许的文件格式
private static final List<String> ALLOWED_EXTENSIONS = Arrays.asList("jpg", "jpeg", "txt", "png", "pdf", "docx", "doc", "xlsx", "xls");
@Resource
private FileClient fileClient;
@ -73,6 +75,11 @@ public class SysFileServiceImpl implements SysFileService {
HashMap<String, Object> map = getFile(req);
List<MultipartFile> items = (List<MultipartFile>) map.get("filePath");
MultipartFile item = items.get(0);
// 获取文件后缀名
String fileExtension = item.getOriginalFilename().substring(item.getOriginalFilename().lastIndexOf(".") + 1);
if (!ALLOWED_EXTENSIONS.contains(fileExtension.toLowerCase())) {
throw new Exception("不支持该文件格式");
}
try {
//String url = saveFile(request, item, photoType);
/*AjaxResult res = fileClient.uploadFile(item);
@ -84,7 +91,7 @@ public class SysFileServiceImpl implements SysFileService {
String type = fileName.substring(fileName.lastIndexOf(".") + 1);
long size = item.getSize() / 1024 / 1024;
file.setFileName(fileName);
log.info("文件名为:{}",fileName);
log.info("文件名为:{}", fileName);
file.setFileUrl(url);
file.setCreator(userId.toString());
file.setType(type);
@ -102,6 +109,7 @@ public class SysFileServiceImpl implements SysFileService {
/**
* 腾讯云文件上传
*
* @param file
* @return
*/
@ -126,7 +134,7 @@ public class SysFileServiceImpl implements SysFileService {
String key = IdUtils.fastSimpleUuid() + file.getOriginalFilename();
//对上传文件分组根据当前日期 /2024/04/02
String dateTime = new DateTime().toString("yyyy/MM/dd");
key = dateTime+"/"+key;
key = dateTime + "/" + key;
try {
//获取上传文件输入流
InputStream inputStream = file.getInputStream();
@ -139,7 +147,7 @@ public class SysFileServiceImpl implements SysFileService {
// 高级接口会返回一个异步结果Upload
PutObjectResult putObjectResult = cosClient.putObject(putObjectRequest);
// 返回上传文件路径:https://ggkt-atguigu-1310644373.cos.ap-beijing.myqcloud.com/01.jpg
return "https://" + bucketName + "." + "cos" + "." + ConstantPropertiesUtil.END_POINT+".myqcloud.com" + "/" + key;
return "https://" + bucketName + "." + "cos" + "." + ConstantPropertiesUtil.END_POINT + ".myqcloud.com" + "/" + key;
} catch (Exception e) {
log.error(e.getMessage());
}
@ -153,7 +161,7 @@ public class SysFileServiceImpl implements SysFileService {
* @throws Exception
*/
@Override
public FileInfo uploadHeadPic(MultipartFile item,String fileType) {
public FileInfo uploadHeadPic(MultipartFile item, String fileType) {
FileInfo file = new FileInfo();
Long userId = SecurityUtils.getLoginUser().getUserid();
try {
@ -205,7 +213,7 @@ public class SysFileServiceImpl implements SysFileService {
String tmpName = multipartFile.getOriginalFilename();
tmpName = tmpName.substring(tmpName.lastIndexOf("\\") + 1);
tmpName = IdUtil.fastSimpleUUID() + System.currentTimeMillis() + tmpName.substring(tmpName.lastIndexOf("."), tmpName.length());
String imageFiles = localFilePath+ "/" + fileType + "/";
String imageFiles = localFilePath + "/" + fileType + "/";
String os = System.getProperty("os.name");
if (os.toLowerCase().startsWith(GlobalConstants.STRING_WIN)) {
imageFiles = "D://files/" + fileType + "/";