mirror of https://gitee.com/karson/fastadmin.git
修复分片上传参数过滤不严的BUG
Karson
parent
a58a147143
commit
454fdcded9
|
|
@ -76,6 +76,7 @@ class Upload
|
||||||
|
|
||||||
$this->file = $file;
|
$this->file = $file;
|
||||||
$this->fileInfo = $fileInfo;
|
$this->fileInfo = $fileInfo;
|
||||||
|
$this->checkExecutable();
|
||||||
}
|
}
|
||||||
|
|
||||||
protected function checkExecutable()
|
protected function checkExecutable()
|
||||||
|
|
@ -171,6 +172,9 @@ class Upload
|
||||||
*/
|
*/
|
||||||
public function clean($chunkid)
|
public function clean($chunkid)
|
||||||
{
|
{
|
||||||
|
if (!preg_match('/^[a-z0-9\-]{36}$/', $chunkid)) {
|
||||||
|
throw new UploadException(__('Invalid parameters'));
|
||||||
|
}
|
||||||
$iterator = new \GlobIterator($this->chunkDir . DS . $chunkid . '-*', FilesystemIterator::KEY_AS_FILENAME);
|
$iterator = new \GlobIterator($this->chunkDir . DS . $chunkid . '-*', FilesystemIterator::KEY_AS_FILENAME);
|
||||||
$array = iterator_to_array($iterator);
|
$array = iterator_to_array($iterator);
|
||||||
foreach ($array as $index => &$item) {
|
foreach ($array as $index => &$item) {
|
||||||
|
|
@ -190,6 +194,10 @@ class Upload
|
||||||
*/
|
*/
|
||||||
public function merge($chunkid, $chunkcount, $filename)
|
public function merge($chunkid, $chunkcount, $filename)
|
||||||
{
|
{
|
||||||
|
if (!preg_match('/^[a-z0-9\-]{36}$/', $chunkid)) {
|
||||||
|
throw new UploadException(__('Invalid parameters'));
|
||||||
|
}
|
||||||
|
|
||||||
$filePath = $this->chunkDir . DS . $chunkid;
|
$filePath = $this->chunkDir . DS . $chunkid;
|
||||||
|
|
||||||
$completed = true;
|
$completed = true;
|
||||||
|
|
@ -229,27 +237,34 @@ class Upload
|
||||||
}
|
}
|
||||||
@fclose($destFile);
|
@fclose($destFile);
|
||||||
|
|
||||||
$file = new File($uploadPath);
|
$attachment = null;
|
||||||
$info = [
|
try {
|
||||||
'name' => $filename,
|
$file = new File($uploadPath);
|
||||||
'type' => $file->getMime(),
|
$info = [
|
||||||
'tmp_name' => $uploadPath,
|
'name' => $filename,
|
||||||
'error' => 0,
|
'type' => $file->getMime(),
|
||||||
'size' => $file->getSize()
|
'tmp_name' => $uploadPath,
|
||||||
];
|
'error' => 0,
|
||||||
$file->setSaveName($filename)->setUploadInfo($info);
|
'size' => $file->getSize()
|
||||||
$file->isTest(true);
|
];
|
||||||
|
$file->setSaveName($filename)->setUploadInfo($info);
|
||||||
|
$file->isTest(true);
|
||||||
|
|
||||||
//重新设置文件
|
//重新设置文件
|
||||||
$this->setFile($file);
|
$this->setFile($file);
|
||||||
|
|
||||||
unset($file);
|
unset($file);
|
||||||
$this->merging = true;
|
$this->merging = true;
|
||||||
|
|
||||||
//允许大文件
|
//允许大文件
|
||||||
$this->config['maxsize'] = "1024G";
|
$this->config['maxsize'] = "1024G";
|
||||||
|
|
||||||
return $this->upload();
|
$attachment = $this->upload();
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
@unlink($destFile);
|
||||||
|
throw new UploadException($e->getMessage());
|
||||||
|
}
|
||||||
|
return $attachment;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -263,6 +278,10 @@ class Upload
|
||||||
throw new UploadException(__('Uploaded file format is limited'));
|
throw new UploadException(__('Uploaded file format is limited'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!preg_match('/^[a-z0-9\-]{36}$/', $chunkid)) {
|
||||||
|
throw new UploadException(__('Invalid parameters'));
|
||||||
|
}
|
||||||
|
|
||||||
$destDir = RUNTIME_PATH . 'chunks';
|
$destDir = RUNTIME_PATH . 'chunks';
|
||||||
$fileName = $chunkid . "-" . $chunkindex . '.part';
|
$fileName = $chunkid . "-" . $chunkindex . '.part';
|
||||||
$destFile = $destDir . DS . $fileName;
|
$destFile = $destDir . DS . $fileName;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue