|
|
|
@ -18,6 +18,9 @@ Class ApiController extends Controller {
@@ -18,6 +18,9 @@ Class ApiController extends Controller {
|
|
|
|
|
'systemError' => 500, |
|
|
|
|
); |
|
|
|
|
|
|
|
|
|
protected $maxDirLen = 50; |
|
|
|
|
protected $maxFileLen = 60; |
|
|
|
|
|
|
|
|
|
//show api list |
|
|
|
|
public function actionIndex() { |
|
|
|
|
$params = array( |
|
|
|
@ -155,7 +158,7 @@ Class ApiController extends Controller {
@@ -155,7 +158,7 @@ Class ApiController extends Controller {
|
|
|
|
|
|
|
|
|
|
$parentDir = $this->post('parent', ''); |
|
|
|
|
$newDir = $this->post('dir', ''); |
|
|
|
|
$maxDirLen = 20; |
|
|
|
|
$maxDirLen = $this->maxDirLen; |
|
|
|
|
if (empty($newDir) || mb_strlen($newDir, 'utf-8') > $maxDirLen) { |
|
|
|
|
$err = "目录名不能为空且最长 {$maxDirLen} 个字符"; |
|
|
|
|
return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']); |
|
|
|
@ -204,7 +207,7 @@ Class ApiController extends Controller {
@@ -204,7 +207,7 @@ Class ApiController extends Controller {
|
|
|
|
|
|
|
|
|
|
$parentDir = $this->post('parent', ''); |
|
|
|
|
$delDir = $this->post('dir', ''); |
|
|
|
|
$maxDirLen = 20; |
|
|
|
|
$maxDirLen = $this->maxDirLen; |
|
|
|
|
if (empty($delDir) || mb_strlen($delDir, 'utf-8') > $maxDirLen) { |
|
|
|
|
$err = "目录名不能为空且最长 {$maxDirLen} 个字符"; |
|
|
|
|
return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']); |
|
|
|
@ -254,9 +257,8 @@ Class ApiController extends Controller {
@@ -254,9 +257,8 @@ Class ApiController extends Controller {
|
|
|
|
|
$fromParent = $this->getParentDir($fromDir); |
|
|
|
|
$toDir = $this->post('to', ''); |
|
|
|
|
$toParent = $this->getParentDir($toDir); |
|
|
|
|
$maxDirLen = 50; |
|
|
|
|
if (empty($fromDir) || mb_strlen($fromDir, 'utf-8') > $maxDirLen || empty($toDir) || mb_strlen($toDir, 'utf-8') > $maxDirLen) { |
|
|
|
|
$err = "目录名不能为空且最长 {$maxDirLen} 个字符"; |
|
|
|
|
if (empty($fromDir) || empty($toDir)) { |
|
|
|
|
$err = "目录名不能为空"; |
|
|
|
|
return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']); |
|
|
|
|
}else if ($this->isParentDirectoryValid($fromParent) == false) { //父目录合法性检查 |
|
|
|
|
$err = "被移动目录{$fromParent}不存在"; |
|
|
|
@ -271,7 +273,7 @@ Class ApiController extends Controller {
@@ -271,7 +273,7 @@ Class ApiController extends Controller {
|
|
|
|
|
preg_match('/\/$/', $toDir) || preg_match('/\/[^\.]+$/', $toDir) |
|
|
|
|
) |
|
|
|
|
) { |
|
|
|
|
if ($this->isParentDirectoryValid($toDir) == false) { //父目录合法性检查 |
|
|
|
|
if ($this->isParentDirectoryValid($toDir) == false) { //目录合法性检查 |
|
|
|
|
$err = "目标目录{$toDir}不存在"; |
|
|
|
|
return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']); |
|
|
|
|
} |
|
|
|
@ -311,9 +313,8 @@ Class ApiController extends Controller {
@@ -311,9 +313,8 @@ Class ApiController extends Controller {
|
|
|
|
|
$parentDir = $this->post('parent', ''); |
|
|
|
|
$fromDir = $this->post('from', ''); |
|
|
|
|
$toDir = $this->post('to', ''); |
|
|
|
|
$maxDirLen = 20; |
|
|
|
|
if (empty($fromDir) || mb_strlen($fromDir, 'utf-8') > $maxDirLen || empty($toDir) || mb_strlen($toDir, 'utf-8') > $maxDirLen) { |
|
|
|
|
$err = "目录名不能为空且最长 {$maxDirLen} 个字符"; |
|
|
|
|
if (empty($fromDir) || empty($toDir)) { |
|
|
|
|
$err = "目录名不能为空"; |
|
|
|
|
return $this->renderJson(compact('code', 'msg', 'err', 'data')); |
|
|
|
|
}else if (!$this->isFilenameValid($fromDir) || !$this->isFilenameValid($toDir)) { |
|
|
|
|
$err = "目录名称中不能包含空格、单双引号、斜杠和分号字符!"; |
|
|
|
@ -360,9 +361,9 @@ Class ApiController extends Controller {
@@ -360,9 +361,9 @@ Class ApiController extends Controller {
|
|
|
|
|
|
|
|
|
|
$parentDir = $this->post('parent', ''); |
|
|
|
|
$delFile = $this->post('file', ''); |
|
|
|
|
$maxDirLen = 30; |
|
|
|
|
if (empty($delFile) || mb_strlen($delFile, 'utf-8') > $maxDirLen) { |
|
|
|
|
$err = "文件名不能为空且最长 {$maxDirLen} 个字符"; |
|
|
|
|
$maxFileLen = $this->maxFileLen; |
|
|
|
|
if (empty($delFile) || mb_strlen($delFile, 'utf-8') > $maxFileLen) { |
|
|
|
|
$err = "文件名不能为空且最长 {$maxFileLen} 个字符"; |
|
|
|
|
return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']); |
|
|
|
|
}else if (!$this->isFilenameValid($delFile)) { |
|
|
|
|
$err = "待删除的文件名称中不能包含空格、单双引号、斜杠和分号字符!"; |
|
|
|
@ -625,9 +626,14 @@ Class ApiController extends Controller {
@@ -625,9 +626,14 @@ Class ApiController extends Controller {
|
|
|
|
|
$parentDir = $this->post('parent', ''); |
|
|
|
|
$upfile = $this->post('file', ''); |
|
|
|
|
$filename = $this->post('name', ''); |
|
|
|
|
|
|
|
|
|
$maxFileLen = $this->maxFileLen; |
|
|
|
|
if (empty($upfile) || empty($filename)) { |
|
|
|
|
$err = '所有参数都不能为空!'; |
|
|
|
|
return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']); |
|
|
|
|
}else if (mb_strlen($filename, 'utf-8') > $maxFileLen) { |
|
|
|
|
$err = "文件名最长 {$maxFileLen} 个字符!"; |
|
|
|
|
return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']); |
|
|
|
|
}else if (!$this->isFilenameValid($filename)) { |
|
|
|
|
$err = '文件名不能包含空格、单双引号、斜杠和分号字符!'; |
|
|
|
|
return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']); |
|
|
|
|
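Review bot: The rename-directory hunk (`-311,9 +313,8`) appears to drop the length test outright instead of pointing it at `$this->maxDirLen`, so the new name in `$toDir` is checked only for emptiness and by `isFilenameValid()`, while the create and delete hunks still enforce the limit; the `+`/`-` markers are lost on this page, so the old and new sides are read from the hunk counts. Unless `isFilenameValid()` (not visible here) also bounds the length, a directory created within the limit can be renamed past it, and an over-long name reaches the filesystem call instead of being rejected at the API boundary. I would keep the bound with `$maxDirLen = $this->maxDirLen;` and `if (empty($fromDir) || empty($toDir) || mb_strlen($toDir, 'utf-8') > $maxDirLen) {`, together with the length wording in `$err`. The move-directory hunk (`-254,9 +257,8`) removes its check the same way; the values there are paths, so a separate path-length property would fit better than reusing `maxDirLen`. The rename branch also returns `renderJson(...)` without `$this->httpStatus['notAllowed']`, unlike every other validation failure shown, and all the enclosing action methods start and end outside these hunks.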