improve function switchtheme

controller/ApiController.php

@@ -18,6 +18,7 @@ Class ApiController extends Controller {
         'systemError' => 500,
     );
 
+    //目录名和文件名最大长度限制
     protected $maxDirLen = 50;
     protected $maxFileLen = 60;
 
@@ -31,14 +32,17 @@ Class ApiController extends Controller {
                 '目录/文件列表' => '/api/ls/',
 
                 //文件操作
-                '重命名' => '/api/rename/',
-                '删除文件' => '/api/delete/',
-                '移动目录/文件' => '/api/move/',
                 'base64文件上传' => '/api/uploadbase64/',
+                '重命名目录/文件' => '/api/rename/',
+                '移动目录/文件' => '/api/move/',
+                '删除文件' => '/api/delete/',
 
                 //目录操作
                 '创建目录' => '/api/mkdir/',
                 '删除目录' => '/api/rmdir/',
+
+                //其它
+                '切换皮肤' => '/api/switchtheme/',
             ),
         );
         return $this->renderJson($params);
@@ -69,7 +73,7 @@ Class ApiController extends Controller {
         return $valid;
     }
 
-    //判断文件名是否合法，不能为空以及不能包含空白字符
+    //判断目录/文件名是否合法，不能为空以及不能包含空白字符
     protected function isFilenameValid($filename) {
         $notAllowedLetters = array(
             '"',
@@ -317,7 +321,7 @@ Class ApiController extends Controller {
             $err = "目录名不能为空";
             return $this->renderJson(compact('code', 'msg', 'err', 'data'));
         }else if (!$this->isFilenameValid($fromDir) || !$this->isFilenameValid($toDir)) {
-            $err = "目录名称中不能包含空格、单双引号、斜杠和分号字符！";
+            $err = "目录/文件名称中不能包含空格、单双引号、斜杠和分号字符！";
             return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }
 
@@ -424,6 +428,7 @@ Class ApiController extends Controller {
         return $this->renderJson(compact('code', 'msg', 'err', 'data'));
     }
 
+    //删除目录及其子目录和子文件
     protected function deleteDirTree($parentDir) {
         if (empty($parentDir)) {return false;}
 
@@ -703,8 +708,11 @@ Class ApiController extends Controller {
         }else if (!in_array($themeName, $allowedThemes)) {
             $err = "不支持的皮肤：{$themeName}";
             return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
-        }else if (!empty($contentDirectory) && strpos($contentDirectory, '/') !== false) {
+        }else if (!empty($contentDirectory) && $this->isFilenameValid($contentDirectory) == false) {
-            $err = "内容目录名称中不能包含斜杠字符！";
+            $err = "内容目录名不能包含空格、单双引号、斜杠和分号字符！";
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
+        }else if (!empty($contentDirectory) && $this->isParentDirectoryValid($contentDirectory) == false) {
+            $err = "内容目录不存在！";
             return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }