diff --git a/servers/boe-server-all/src/main/java/com/xboe/system/api/SysUploaderApi.java b/servers/boe-server-all/src/main/java/com/xboe/system/api/SysUploaderApi.java index ba3297f4..84f47abb 100644 --- a/servers/boe-server-all/src/main/java/com/xboe/system/api/SysUploaderApi.java +++ b/servers/boe-server-all/src/main/java/com/xboe/system/api/SysUploaderApi.java @@ -8,11 +8,12 @@ import java.net.HttpURLConnection; import java.net.URL; import java.net.URLEncoder; import java.nio.charset.StandardCharsets; +import java.util.HashSet; +import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import com.xboe.common.utils.StringUtil; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.RequestMapping; @@ -43,6 +44,24 @@ public class SysUploaderApi extends ApiBaseController{ @Autowired XFileUploader uploader; + private static Set fileTypeSet=new HashSet<>(); + static { + fileTypeSet.add("mp3"); + fileTypeSet.add("wmv"); + fileTypeSet.add("mp4"); + fileTypeSet.add("jpg"); + fileTypeSet.add("png"); + fileTypeSet.add("gif"); + fileTypeSet.add("doc"); + fileTypeSet.add("docx"); + fileTypeSet.add("xls"); + fileTypeSet.add("xlsx"); + fileTypeSet.add("ppt"); + fileTypeSet.add("pptx"); + fileTypeSet.add("pdf"); + fileTypeSet.add("zip"); + } + @RequestMapping(value = "/file/upload", method = RequestMethod.POST) public JsonResponse save(HttpServletRequest request, String name,String dir) throws IOException { //以下三项用于回调 @@ -59,10 +78,21 @@ public class SysUploaderApi extends ApiBaseController{ if (file == null ) { return wrap(JsonResponseStatus.BAD_REQUEST, "未找到" + name + "对应的文件"); } - String type=".exe"; - if(StringUtil.isBlank(file.getOriginalFilename()) ||file.getOriginalFilename().endsWith(type.toUpperCase()) || file.getOriginalFilename().endsWith(type)){ - return badRequest("不支持此格式"); + String suffix=file.getOriginalFilename().substring(file.getOriginalFilename().lastIndexOf(".")+1); + if(StringUtils.isBlank(suffix)) { + return wrap(JsonResponseStatus.BAD_REQUEST, "文件类型错误"); } + //上传限制文件类型 + suffix=suffix.toLowerCase(); + if(!fileTypeSet.contains(suffix)) { + return wrap(JsonResponseStatus.BAD_REQUEST, "不支持的文件类型"); + } + + //限制上传的类型 mp3,mp3,doc,docx,ppt,pptx,pdf +// String type=".exe"; +// if(StringUtil.isBlank(file.getOriginalFilename()) ||file.getOriginalFilename().endsWith(type.toUpperCase()) || file.getOriginalFilename().endsWith(type)){ +// return badRequest("不支持此格式"); +// } if(StringUtils.isBlank(dir)) { dir=""; diff --git a/servers/boe-server-all/src/main/java/com/xboe/system/user/entity/Message.java b/servers/boe-server-all/src/main/java/com/xboe/system/user/entity/Message.java index 93dc6c68..1bd96867 100644 --- a/servers/boe-server-all/src/main/java/com/xboe/system/user/entity/Message.java +++ b/servers/boe-server-all/src/main/java/com/xboe/system/user/entity/Message.java @@ -45,7 +45,7 @@ public class Message extends IdEntity { private String pageUrl; /** - * 页面类型 + * 页面类型,1课程学习页面,2文章详细页面,3 表案例详细页面,4表问答详细页面 * */ @Column(name = "page_type",length = 1) private Integer pageType;