blackteay/ThinkAdmin
1
0
Fork 0
mirror of https://gitee.com/zoujingli/ThinkAdmin.git synced 2025-04-06 03:58:04 +08:00
Code Issues Projects Releases Wiki Activity

[更新]增加文件上传部分文件类型过滤

Browse Source
This commit is contained in:
Anyon 2017-07-12 17:24:43 +08:00
parent 1485527252
commit 355e730fa4
2 changed files with 32 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
application/admin/controller/Plugs.php
View File

@ -62,16 +62,22 @@ class Plugs extends BasicAdmin
*/ */
public function upload() public function upload()
{ {
if ($this->request->isPost()) { if (!$this->request->isPost()) {
return json(['code' => 'ERROR', '文件上传失败']);
}
$file = $this->request->file('file');
$ext = pathinfo($file->getInfo('name'), PATHINFO_EXTENSION);
if (in_array($ext, ['php', 'bat', 'cmd', 'sh', 'exe'])) {
return json(['code' => 'ERROR', 'msg' => "禁止上传{$ext}文件"]);
}
$md5s = str_split($this->request->post('md5'), 16); $md5s = str_split($this->request->post('md5'), 16);
if (($info = $this->request->file('file')->move('static' . DS . 'upload' . DS . $md5s[0], $md5s[1], true))) { if (($info = $file->move('static' . DS . 'upload' . DS . $md5s[0], $md5s[1], true))) {
$filename = join('/', $md5s) . '.' . $info->getExtension(); $filename = join('/', $md5s) . '.' . $info->getExtension();
if (($site_url = FileService::getFileUrl($filename, 'local'))) { if (($site_url = FileService::getFileUrl($filename, 'local'))) {
return json(['data' => ['site_url' => $site_url], 'code' => 'SUCCESS']); return json(['data' => ['site_url' => $site_url], 'code' => 'SUCCESS', 'msg' => '文件上传成功']);
} }
} }
} return json(['code' => 'ERROR', '文件上传失败']);
return json(['code' => 'ERROR']);
} }
/** /**

56
application/admin/view/plugs.upfile.html
View File

@ -43,14 +43,13 @@
function uploaded(ret, file) { function uploaded(ret, file) {
var url = ret.url || ret.site_url; var url = ret.url || ret.site_url;
$('#' + file.id).attr('data-md5', file.md5).attr('data-src', url); $('#' + file.id).attr('data-md5', file.md5).attr('data-src', url);
/* {if $mode === 'one'} */ /*{if $mode === 'one'}*/
top.$('[name="{$field}"]').map(function () { top.$('[name="{$field}"]').map(function () {
top.$(this).attr('data-srcs', ret.url).attr('data-md5', file.md5).val(url).trigger('change'); top.$(this).attr('data-srcs', ret.url).attr('data-md5', file.md5).val(url).trigger('change');
}); });
//top.$.msg.tips('文件上传成功!');
var index = top.layer.getFrameIndex(window.name); var index = top.layer.getFrameIndex(window.name);
top.layer.close(index); top.layer.close(index);
/* {/if} {$mode}*/ /*{/if} {$mode}*/
} }
function confirmSelected() { function confirmSelected() {
@ -135,8 +134,7 @@
})(), })(),
supportTransition = (function () { supportTransition = (function () {
var s = document.createElement('p').style, r = 'transition' in s || 'WebkitTransition' in s || 'MozTransition' in s || 'msTransition' in s || 'OTransition' in s; var s = document.createElement('p').style, r = 'transition' in s || 'WebkitTransition' in s || 'MozTransition' in s || 'msTransition' in s || 'OTransition' in s;
s = null; return (s = null), r;
return r;
})(), })(),
uploader; uploader;
if (!WebUploader.Uploader.support('flash') && WebUploader.browser.ie) { if (!WebUploader.Uploader.support('flash') && WebUploader.browser.ie) {
@ -218,23 +216,23 @@
label: '点击选择文件', label: '点击选择文件',
/*{if $mode === 'one'}*/ /*{if $mode === 'one'}*/
multiple: false, multiple: false,
/* {else} */ /*{else}*/
multiple: true, multiple: true,
/* {/if} */ /*{/if}*/
}, },
accept: { accept: {
title: '选择文件', title: '选择文件',
extensions: '{$types}', //'gif,jpg,jpeg,bmp,png', extensions: '{$types}',
mimeTypes: '{$mimes}' mimeTypes: '{$mimes}'
}, },
formData: {}, formData: {},
/*{if $mode === 'one'}*/ /*{if $mode === 'one'}*/
auto: true, auto: true,
fileNumLimit: 1, fileNumLimit: 1,
/* {else} */ /*{else}*/
auto: false, auto: false,
fileNumLimit: 300, fileNumLimit: 300,
/* {/if} */ /*{/if}*/
server: '{:url("admin/plugs/upload")}', server: '{:url("admin/plugs/upload")}',
swf: '__PUBLIC__/static/plugs/uploader/Uploader.swf', swf: '__PUBLIC__/static/plugs/uploader/Uploader.swf',
chunked: false, chunked: false,
@ -249,7 +247,7 @@
height: 16000, height: 16000,
crop: false, // 是否允许裁剪 crop: false, // 是否允许裁剪
quality: 90, // 图片质量(只有type为`image/jpeg`的时候才有效) quality: 90, // 图片质量(只有type为`image/jpeg`的时候才有效)
allowMagnify: false, // // 是否允许放大(如果想要生成小图的时候不失真此选项应该设置为false). allowMagnify: false, // 是否允许放大(如果想要生成小图的时候不失真此选项应该设置为false).
preserveHeaders: true, // 是否保留头部meta信息 preserveHeaders: true, // 是否保留头部meta信息
noCompressIfLarger: false, // 如果发现压缩后文件大小比原来还大,则使用原来图片 noCompressIfLarger: false, // 如果发现压缩后文件大小比原来还大,则使用原来图片
compressSize: 1024 * 512, // 单位字节(如果图片大小小于此值,不会采用压缩) compressSize: 1024 * 512, // 单位字节(如果图片大小小于此值,不会采用压缩)
@ -260,16 +258,12 @@
uploader.on('uploadBeforeSend', function (file, data, header) { uploader.on('uploadBeforeSend', function (file, data, header) {
header['X_Requested_With'] = 'XMLHttpRequest'; header['X_Requested_With'] = 'XMLHttpRequest';
data['allowed_types'] = this.options.accept[0].extensions.split(',').join('|'); data['allowed_types'] = this.options.accept[0].extensions.split(',').join('|');
data['token'] = file.file.token;
data['md5'] = file.file.md5; data['md5'] = file.file.md5;
data['key'] = file.file.key; data['key'] = file.file.key;
data['token'] = file.file.token;
}); });
/** /* 处理上传后的结果 */
* 处理上传后的结果
* @param {type} file
* @returns {undefined}
*/
uploader.on('uploadAccept', function (fieldata, ret) { uploader.on('uploadAccept', function (fieldata, ret) {
// Qiniu or Local 上传 // Qiniu or Local 上传
if (ret.code === 'SUCCESS') { if (ret.code === 'SUCCESS') {
@ -286,8 +280,7 @@
// 拖拽时不接受 js, txt 文件。 // 拖拽时不接受 js, txt 文件。
uploader.on('dndAccept', function (items) { uploader.on('dndAccept', function (items) {
var denied = false, len = items.length; var denied = false, len = items.length, unAllowed = 'text/plain;application/javascript ';
var unAllowed = 'text/plain;application/javascript ';
for (var i = 0; i < len; i++) { for (var i = 0; i < len; i++) {
if (~unAllowed.indexOf(items[ i ].type)) { if (~unAllowed.indexOf(items[ i ].type)) {
denied = true; denied = true;
@ -297,14 +290,8 @@
return !denied; return !denied;
}); });
// 添加“添加文件”的按钮, // 添加“添加文件”的按钮,
uploader.addButton({ uploader.addButton({id: '#filePicker2', label: '继续添加'});
id: '#filePicker2',
label: '继续添加'
});
uploader.on('ready', function () { uploader.on('ready', function () {
window.uploader = uploader; window.uploader = uploader;
}); });
@ -343,11 +330,11 @@
// @todo lazyload // @todo lazyload
$wrap.text('预览中'); $wrap.text('预览中');
uploader.makeThumb(file, function (error, src) { uploader.makeThumb(file, function (error, src) {
var img;
if (error) { if (error) {
$wrap.text('不能预览'); $wrap.text('不能预览');
return; return;
} }
var img;
if (isSupportBase64) { if (isSupportBase64) {
img = $('<img src="' + src + '">'); img = $('<img src="' + src + '">');
$wrap.empty().append(img); $wrap.empty().append(img);
@ -388,24 +375,18 @@
} else if (cur === 'complete') { } else if (cur === 'complete') {
$li.append('<span class="success"></span>'); $li.append('<span class="success"></span>');
} }
$li.removeClass('state-' + prev).addClass('state-' + cur); $li.removeClass('state-' + prev).addClass('state-' + cur);
}); });
$li.on('mouseenter', function () { $li.on('mouseenter', function () {
$btns.stop().animate({height: 30}); $btns.stop().animate({height: 30});
}); }).on('mouseleave', function () {
$li.on('mouseleave', function () {
$btns.stop().animate({height: 0}); $btns.stop().animate({height: 0});
}); });
$btns.on('click', 'span', function () { $btns.on('click', 'span', function () {
var index = $(this).index(), deg; var index = $(this).index(), deg;
switch (index) { switch (index) {
case 0: case 0:
uploader.removeFile(file); return uploader.removeFile(file);
return;
case 1: case 1:
file.rotation += 90; file.rotation += 90;
break; break;
@ -425,10 +406,9 @@
// 负责view的销毁 // 负责view的销毁
function removeFile(file) { function removeFile(file) {
var $li = $('#' + file.id);
delete percentages[ file.id ]; delete percentages[ file.id ];
updateTotalProgress(); updateTotalProgress();
$li.off().find('.file-panel').off().end().remove(); $('#' + file.id).off().find('.file-panel').off().end().remove();
} }
function updateTotalProgress() { function updateTotalProgress() {
@ -463,7 +443,7 @@
} }
function setState(val) { function setState(val) {
var file, stats; var stats;
if (val === state) { if (val === state) {
return; return;
} }