mirror of https://gitee.com/karson/fastadmin.git
修复分片上传参数过滤不严的BUG
Karson
parent
a58a147143
commit
454fdcded9
|
|
@ -76,6 +76,7 @@ class Upload
|
|||
|
||||
$this->file = $file;
|
||||
$this->fileInfo = $fileInfo;
|
||||
$this->checkExecutable();
|
||||
}
|
||||
|
||||
protected function checkExecutable()
|
||||
|
|
@ -171,6 +172,9 @@ class Upload
|
|||
*/
|
||||
public function clean($chunkid)
|
||||
{
|
||||
if (!preg_match('/^[a-z0-9\-]{36}$/', $chunkid)) {
|
||||
throw new UploadException(__('Invalid parameters'));
|
||||
}
|
||||
$iterator = new \GlobIterator($this->chunkDir . DS . $chunkid . '-*', FilesystemIterator::KEY_AS_FILENAME);
|
||||
$array = iterator_to_array($iterator);
|
||||
foreach ($array as $index => &$item) {
|
||||
|
|
@ -190,6 +194,10 @@ class Upload
|
|||
*/
|
||||
public function merge($chunkid, $chunkcount, $filename)
|
||||
{
|
||||
if (!preg_match('/^[a-z0-9\-]{36}$/', $chunkid)) {
|
||||
throw new UploadException(__('Invalid parameters'));
|
||||
}
|
||||
|
||||
$filePath = $this->chunkDir . DS . $chunkid;
|
||||
|
||||
$completed = true;
|
||||
|
|
@ -229,27 +237,34 @@ class Upload
|
|||
}
|
||||
@fclose($destFile);
|
||||
|
||||
$file = new File($uploadPath);
|
||||
$info = [
|
||||
'name' => $filename,
|
||||
'type' => $file->getMime(),
|
||||
'tmp_name' => $uploadPath,
|
||||
'error' => 0,
|
||||
'size' => $file->getSize()
|
||||
];
|
||||
$file->setSaveName($filename)->setUploadInfo($info);
|
||||
$file->isTest(true);
|
||||
$attachment = null;
|
||||
try {
|
||||
$file = new File($uploadPath);
|
||||
$info = [
|
||||
'name' => $filename,
|
||||
'type' => $file->getMime(),
|
||||
'tmp_name' => $uploadPath,
|
||||
'error' => 0,
|
||||
'size' => $file->getSize()
|
||||
];
|
||||
$file->setSaveName($filename)->setUploadInfo($info);
|
||||
$file->isTest(true);
|
||||
|
||||
//重新设置文件
|
||||
$this->setFile($file);
|
||||
//重新设置文件
|
||||
$this->setFile($file);
|
||||
|
||||
unset($file);
|
||||
$this->merging = true;
|
||||
unset($file);
|
||||
$this->merging = true;
|
||||
|
||||
//允许大文件
|
||||
$this->config['maxsize'] = "1024G";
|
||||
//允许大文件
|
||||
$this->config['maxsize'] = "1024G";
|
||||
|
||||
return $this->upload();
|
||||
$attachment = $this->upload();
|
||||
} catch (\Exception $e) {
|
||||
@unlink($destFile);
|
||||
throw new UploadException($e->getMessage());
|
||||
}
|
||||
return $attachment;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -263,6 +278,10 @@ class Upload
|
|||
throw new UploadException(__('Uploaded file format is limited'));
|
||||
}
|
||||
|
||||
if (!preg_match('/^[a-z0-9\-]{36}$/', $chunkid)) {
|
||||
throw new UploadException(__('Invalid parameters'));
|
||||
}
|
||||
|
||||
$destDir = RUNTIME_PATH . 'chunks';
|
||||
$fileName = $chunkid . "-" . $chunkindex . '.part';
|
||||
$destFile = $destDir . DS . $fileName;
|
||||
|
|
|
|||
Loading…
Reference in New Issue