From c5086d2ca3aaf5e5bcc27c9b7c2b027596228693 Mon Sep 17 00:00:00 2001 From: filesite Date: Thu, 13 Oct 2022 21:17:07 +0800 Subject: [PATCH] add max filesize check --- controller/ApiController.php | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/controller/ApiController.php b/controller/ApiController.php index 16dcac2..1321c20 100644 --- a/controller/ApiController.php +++ b/controller/ApiController.php @@ -478,16 +478,28 @@ Class ApiController extends Controller { } //保存base64格式的文件 + //@return + //-1 文件大小超出限制 + //0 保存失败 + //1 保存成功 protected function saveBase64File($base64FileContent, $filePath) { - $saved = true; + $saved = 1; try { $base64 = preg_replace('/^data:[a-z0-9]+\/[a-z0-9]+;base64,/i', '', $base64FileContent); $base64 = str_replace(' ', '+', $base64); $fileContent = base64_decode($base64); file_put_contents($filePath, $fileContent); + + //判断文件大小 + $maxLength = FSC::$app['config']['admin']['maxUploadFileSize'] * 1024*1024; + $filesize = filesize($filePath); + if ($filesize > $maxLength) { + unlink($filePath); + $saved = -1; + } }catch(Exception $e) { - $saved = false; + $saved = 0; } return $saved; @@ -571,9 +583,13 @@ Class ApiController extends Controller { } $filePath = $this->createNewFile($parentDir, $filename); - if ($this->saveBase64File($upfile, $filePath)) { + $saved = $this->saveBase64File($upfile, $filePath); + if ($saved == 1) { $code = 1; $msg = '上传完成'; + }else if ($saved == -1) { + $maxSize = FSC::$app['config']['admin']['maxUploadFileSize']; + $err = "文件超出 {$maxSize}M 大小限制!"; }else { $err = '上传失败,请检查数据目录权限配置!'; }