From d52090d402900178c2bf74d8c64e3e65dc16a29f Mon Sep 17 00:00:00 2001 From: pengjie <17373303529@163.com> Date: Thu, 7 Dec 2023 16:24:06 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=87=E4=BB=B6=E4=B8=8A=E4=BC=A0=E7=B1=BB?= =?UTF-8?q?=E5=9E=8B=E9=99=90=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/admin/FileController.java | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/src/main/java/com/zhgd/xmgl/modules/basicdata/controller/admin/FileController.java b/src/main/java/com/zhgd/xmgl/modules/basicdata/controller/admin/FileController.java index a71688d..9ab479e 100644 --- a/src/main/java/com/zhgd/xmgl/modules/basicdata/controller/admin/FileController.java +++ b/src/main/java/com/zhgd/xmgl/modules/basicdata/controller/admin/FileController.java @@ -16,6 +16,7 @@ import org.springframework.web.multipart.MultipartFile; import springfox.documentation.annotations.ApiIgnore; import javax.servlet.http.HttpServletResponse; +import java.util.Locale; import java.util.Map; /** @@ -56,6 +57,24 @@ public class FileController { @ApiOperation(value = "文件上传", notes = "文件上传", httpMethod="POST") @PostMapping("/upload") public Result> upload(MultipartFile file) { + String[] FILE_SUFFIX_SUPPORT ={".jsp",".php",".asp",".aspx",".exe"}; + // 校验文件是否为空 + if (file == null) { + throw new RuntimeException("文件不能为空!"); + } + //得到文件名 + String originalFilename = file.getOriginalFilename(); + // 校验文件后缀 + if (!originalFilename.contains(".")) { + throw new RuntimeException("文件不能没有后缀!"); + } + String suffix = originalFilename.substring(originalFilename.lastIndexOf('.')); + for (String s : FILE_SUFFIX_SUPPORT) { + //转换为小写比较,Locale.ROOT为区域转换规则可不写 + if (s.equals(suffix.toLowerCase(Locale.ROOT))) { + throw new RuntimeException("请上传正常的文件!"); + } + } return Result.success(fileDetailService.upload(file)); }