github/dootask
1
0
Fork 0
mirror of https://github.com/kuaifan/dootask.git synced 2026-03-17 19:23:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

perf: 检测文件名称包含特殊字符

Browse Source
This commit is contained in:
kuaifan 2023-03-17 16:32:09 +08:00
parent f1f8048acf
commit 8d16af1b78
4 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Http/Controllers/Api/FileController.php
View File

@ -255,6 +255,10 @@ class FileController extends AbstractController
} elseif (mb_strlen($name) > 32) { } elseif (mb_strlen($name) > 32) {
return Base::retError('文件名称最多只能设置32个字'); return Base::retError('文件名称最多只能设置32个字');
} }
$tmpName = preg_replace("/[\\\\\/:*?\"<>|]/", '', $name);
if ($tmpName != $name) {
return Base::retError("文件名称不能包含这些字符:\/:*?\"<>|");
}
// //
if ($id > 0) { if ($id > 0) {
// 修改 // 修改

2
package.json
View File

@ -49,7 +49,7 @@
"stylus-loader": "^7.1.0", "stylus-loader": "^7.1.0",
"tinymce": "^5.10.3", "tinymce": "^5.10.3",
"tui-calendar-hi": "^1.15.1-5", "tui-calendar-hi": "^1.15.1-5",
"view-design-hi": "^4.7.0-42", "view-design-hi": "^4.7.0-43",
"vite": "^2.9.15", "vite": "^2.9.15",
"vite-plugin-file-copy": "^1.0.0", "vite-plugin-file-copy": "^1.0.0",
"vite-plugin-require": "^1.1.10", "vite-plugin-require": "^1.1.10",

4
resources/assets/js/components/QuickEdit.vue
View File

@ -14,6 +14,7 @@
ref="input" ref="input"
v-model="content" v-model="content"
:disabled="isLoad" :disabled="isLoad"
:parser="parser"
enterkeyhint="done" enterkeyhint="done"
@on-keydown="onKeydown" @on-keydown="onKeydown"
@on-blur="onBlur"/> @on-blur="onBlur"/>
@ -55,6 +56,9 @@ export default {
type: Boolean, type: Boolean,
default: false default: false
}, },
parser: {
type: Function
},
}, },
data() { data() {

8
resources/assets/js/pages/manage/file.vue
View File

@ -132,6 +132,7 @@
v-model="item.newname" v-model="item.newname"
size="small" size="small"
:disabled="!!item._load" :disabled="!!item._load"
:parser="onParser"
@on-blur="onBlur(item)" @on-blur="onBlur(item)"
@on-keyup="onKeyup($event, item)"/> @on-keyup="onKeyup($event, item)"/>
<div v-if="item._load" class="file-load"><Loading/></div> <div v-if="item._load" class="file-load"><Loading/></div>
@ -552,6 +553,7 @@ export default {
value: row.newname, value: row.newname,
autofocus: true, autofocus: true,
disabled: !!row._load, disabled: !!row._load,
parser: this.onParser
}, },
style: { style: {
width: 'auto' width: 'auto'
@ -590,6 +592,7 @@ export default {
value: row.name, value: row.name,
autoEdit: !!row._edit, autoEdit: !!row._edit,
clickOutSide: false, clickOutSide: false,
parser: this.onParser
}, },
on: { on: {
'on-edit-change': (b) => { 'on-edit-change': (b) => {
@ -1402,6 +1405,10 @@ export default {
}) })
}, },
onParser(val) {
return val.replace(/[\\\/:*?\"<>|]/g, '')
},
onBlur(item) { onBlur(item) {
if (this.fileLists.find(({id, _edit}) => id == item.id && !_edit)) { if (this.fileLists.find(({id, _edit}) => id == item.id && !_edit)) {
return; return;
@ -1450,6 +1457,7 @@ export default {
name: item.newname, name: item.newname,
type: item.type, type: item.type,
}, },
spinner: 2000
}).then(({data, msg}) => { }).then(({data, msg}) => {
$A.messageSuccess(msg) $A.messageSuccess(msg)
this.setLoad(item.id, false) this.setLoad(item.id, false)