新增文件大小和文件文件夹修改时间的显示
更新正则表达式,从白名单改成黑名单,效果更佳
This commit is contained in:
parent
ed463be4f1
commit
45a6c663ba
GPG Key ID:
D7A9EC07024C3021
@ -13,6 +13,7 @@ use yii\web\Response;
|
||||
|
||||
class HomeController extends Controller
|
||||
{
|
||||
protected string $pattern = '/^[^\p{C}\/:*?"<>|\\\\]+$/u';
|
||||
public function behaviors()
|
||||
{
|
||||
return array_merge(
|
||||
@ -47,7 +48,7 @@ class HomeController extends Controller
|
||||
$rootDataDirectory = Yii::getAlias(Yii::$app->params['dataDirectory']);
|
||||
$userId = Yii::$app->user->id;
|
||||
|
||||
if ($directory === '.' ||$directory == null) {
|
||||
if ($directory === '.' || $directory == null) {
|
||||
$directory = null;
|
||||
$parentDirectory = null;
|
||||
} elseif ($directory === '..' || str_contains($directory, '../')) {
|
||||
@ -60,7 +61,9 @@ class HomeController extends Controller
|
||||
$relativePath = $directory ? $directory . '/' . $item : $item;
|
||||
$absolutePath = Yii::getAlias('@app') . '/data/' . Yii::$app->user->id . '/' . $relativePath;
|
||||
$type = FileTypeDetector::detect($absolutePath);
|
||||
$directoryContents[$key] = ['name' => $item, 'type' => $type];
|
||||
$lastModified = filemtime($absolutePath);
|
||||
$size = is_file($absolutePath) ? filesize($absolutePath) : null;
|
||||
$directoryContents[$key] = ['name' => $item, 'type' => $type, 'lastModified' => $lastModified, 'size' => $size];
|
||||
}
|
||||
return $this->render('index', [
|
||||
'directoryContents' => $directoryContents,
|
||||
@ -114,7 +117,7 @@ class HomeController extends Controller
|
||||
$relativePath = rawurldecode($relativePath);
|
||||
|
||||
// 检查相对路径是否只包含允许的字符
|
||||
if (!preg_match('/^[\w\-.\/\s]+$/u', $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
|
||||
if (!preg_match($this->pattern, $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
|
||||
throw new NotFoundHttpException('Invalid file path.');
|
||||
}
|
||||
|
||||
@ -151,7 +154,7 @@ class HomeController extends Controller
|
||||
$relativePath = rawurldecode($relativePath);
|
||||
|
||||
// 检查相对路径是否只包含允许的字符
|
||||
if (!preg_match('/^[\w\-.\/\s]+$/u', $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
|
||||
if (!preg_match($this->pattern, $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
|
||||
throw new NotFoundHttpException('Invalid file path.');
|
||||
}
|
||||
|
||||
@ -195,7 +198,7 @@ class HomeController extends Controller
|
||||
{
|
||||
$relativePath = Yii::$app->request->post('relativePath');
|
||||
$relativePath = rawurldecode($relativePath);
|
||||
if (!preg_match('/^[\w\-.\/\s]+$/u', $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
|
||||
if (!preg_match($this->pattern, $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
|
||||
throw new NotFoundHttpException('Invalid file path.');
|
||||
}
|
||||
$absolutePath = Yii::getAlias(Yii::$app->params['dataDirectory']) . '/' . Yii::$app->user->id . '/' . $relativePath;
|
||||
|
||||
@ -45,8 +45,10 @@ $this->registerCssFile('@web/css/home_style.css');
|
||||
<table class="table table-hover">
|
||||
<thead class="table-light">
|
||||
<tr>
|
||||
<th scope="col">名称</th>
|
||||
<th scope="col">操作</th>
|
||||
<th scope="col" class="name-col">名称</th>
|
||||
<th scope="col" class="modified-col">最近修改时间</th>
|
||||
<th scope="col" class="size-col">大小</th>
|
||||
<th scope="col" class="action-col">操作</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
@ -54,11 +56,17 @@ $this->registerCssFile('@web/css/home_style.css');
|
||||
<?php $relativePath = $directory ? $directory . '/' . $item['name'] : $item['name']; ?>
|
||||
<?php $absolutePath = Yii::getAlias('@app') . '/data/' . Yii::$app->user->id . '/' . $relativePath; ?>
|
||||
<tr>
|
||||
<?php if (is_dir($absolutePath)): ?>
|
||||
<?php if (is_dir($absolutePath)): ?> <!-- 如果是文件夹 -->
|
||||
<td>
|
||||
<?= Html::tag('i', '', ['class' => $item['type'] . ' file_icon']) ?>
|
||||
<?= Html::a($item['name'], ['home/index', 'directory' => $relativePath], ['class' => 'file_name']) ?>
|
||||
</td>
|
||||
<td class="file_info">
|
||||
<?= date('Y-m-d H:i:s', $item['lastModified']) ?>
|
||||
</td>
|
||||
<td class="file_info">
|
||||
---
|
||||
</td>
|
||||
<td>
|
||||
<?= Html::button(Html::tag('i', '', ['class' => 'fa-solid fa-download']), [
|
||||
'value' => Url::to(['home/download', 'relativePath' => $relativePath]),
|
||||
@ -68,13 +76,19 @@ $this->registerCssFile('@web/css/home_style.css');
|
||||
'data-bs-title' => '打包下载'
|
||||
]) ?>
|
||||
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-pen-to-square']), ['value' => $relativePath, 'class' => 'btn btn-outline-secondary rename-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '重命名']) ?>
|
||||
<?= Html::button(Html::tag('i','',['class' => 'fa-regular fa-trash-can']),['value' => $relativePath,'class' =>'btn btn-outline-danger delete-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '删除'])?>
|
||||
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-trash-can']), ['value' => $relativePath, 'class' => 'btn btn-outline-danger delete-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '删除']) ?>
|
||||
</td>
|
||||
<?php else: ?>
|
||||
<?php else: ?> <!-- 如果是文件 -->
|
||||
<td>
|
||||
<?= Html::tag('i', '', ['class' => $item['type'] . ' file_icon']) ?>
|
||||
<?= Html::a($item['name'], ['home/download', 'relativePath' => $relativePath], ['class' => 'file_name']) ?>
|
||||
</td>
|
||||
<td class="file_info">
|
||||
<?= date('Y-m-d H:i:s', $item['lastModified']) ?>
|
||||
</td>
|
||||
<td class="file_info">
|
||||
<?= $item['size'] !== null ? Yii::$app->formatter->asShortSize($item['size'], 2) : '' ?>
|
||||
</td>
|
||||
<td>
|
||||
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-circle-down']), [
|
||||
'value' => Url::to(['home/download', 'relativePath' => $relativePath]),
|
||||
@ -84,7 +98,7 @@ $this->registerCssFile('@web/css/home_style.css');
|
||||
'data-bs-title' => '下载'
|
||||
]) ?>
|
||||
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-pen-to-square']), ['value' => $relativePath, 'class' => 'btn btn-outline-secondary rename-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '重命名']) ?>
|
||||
<?= Html::button(Html::tag('i','',['class' => 'fa-regular fa-trash-can']),['value' => $relativePath,'class' =>'btn btn-outline-danger delete-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '删除'])?>
|
||||
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-trash-can']), ['value' => $relativePath, 'class' => 'btn btn-outline-danger delete-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '删除']) ?>
|
||||
</td>
|
||||
<?php endif; ?>
|
||||
</tr>
|
||||
@ -123,6 +137,6 @@ echo Html::submitButton('确认', ['class' => 'btn btn-danger']);
|
||||
echo Html::endForm();
|
||||
|
||||
Modal::end();
|
||||
$this->registerJsFile('@web/js/home_script.js', ['depends' => [JqueryAsset::class],'position' => View::POS_END]);
|
||||
$this->registerJsFile('@web/js/home_script.js', ['depends' => [JqueryAsset::class], 'position' => View::POS_END]);
|
||||
?>
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user