新增文件大小和文件文件夹修改时间的显示

更新正则表达式,从白名单改成黑名单,效果更佳
This commit is contained in:
Chenx221 2024-02-12 14:04:13 +08:00
parent ed463be4f1
commit 45a6c663ba
Signed by: chenx221
GPG Key ID: D7A9EC07024C3021
2 changed files with 29 additions and 12 deletions

View File

@ -13,6 +13,7 @@ use yii\web\Response;
class HomeController extends Controller
{
protected string $pattern = '/^[^\p{C}\/:*?"<>|\\\\]+$/u';
public function behaviors()
{
return array_merge(
@ -47,7 +48,7 @@ class HomeController extends Controller
$rootDataDirectory = Yii::getAlias(Yii::$app->params['dataDirectory']);
$userId = Yii::$app->user->id;
if ($directory === '.' ||$directory == null) {
if ($directory === '.' || $directory == null) {
$directory = null;
$parentDirectory = null;
} elseif ($directory === '..' || str_contains($directory, '../')) {
@ -60,7 +61,9 @@ class HomeController extends Controller
$relativePath = $directory ? $directory . '/' . $item : $item;
$absolutePath = Yii::getAlias('@app') . '/data/' . Yii::$app->user->id . '/' . $relativePath;
$type = FileTypeDetector::detect($absolutePath);
$directoryContents[$key] = ['name' => $item, 'type' => $type];
$lastModified = filemtime($absolutePath);
$size = is_file($absolutePath) ? filesize($absolutePath) : null;
$directoryContents[$key] = ['name' => $item, 'type' => $type, 'lastModified' => $lastModified, 'size' => $size];
}
return $this->render('index', [
'directoryContents' => $directoryContents,
@ -114,7 +117,7 @@ class HomeController extends Controller
$relativePath = rawurldecode($relativePath);
// 检查相对路径是否只包含允许的字符
if (!preg_match('/^[\w\-.\/\s]+$/u', $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
if (!preg_match($this->pattern, $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
throw new NotFoundHttpException('Invalid file path.');
}
@ -151,7 +154,7 @@ class HomeController extends Controller
$relativePath = rawurldecode($relativePath);
// 检查相对路径是否只包含允许的字符
if (!preg_match('/^[\w\-.\/\s]+$/u', $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
if (!preg_match($this->pattern, $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
throw new NotFoundHttpException('Invalid file path.');
}
@ -195,7 +198,7 @@ class HomeController extends Controller
{
$relativePath = Yii::$app->request->post('relativePath');
$relativePath = rawurldecode($relativePath);
if (!preg_match('/^[\w\-.\/\s]+$/u', $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
if (!preg_match($this->pattern, $relativePath) || $relativePath === '.' || $relativePath === '..' || str_contains($relativePath, '../')) {
throw new NotFoundHttpException('Invalid file path.');
}
$absolutePath = Yii::getAlias(Yii::$app->params['dataDirectory']) . '/' . Yii::$app->user->id . '/' . $relativePath;

View File

@ -45,8 +45,10 @@ $this->registerCssFile('@web/css/home_style.css');
<table class="table table-hover">
<thead class="table-light">
<tr>
<th scope="col">名称</th>
<th scope="col">操作</th>
<th scope="col" class="name-col">名称</th>
<th scope="col" class="modified-col">最近修改时间</th>
<th scope="col" class="size-col">大小</th>
<th scope="col" class="action-col">操作</th>
</tr>
</thead>
<tbody>
@ -54,11 +56,17 @@ $this->registerCssFile('@web/css/home_style.css');
<?php $relativePath = $directory ? $directory . '/' . $item['name'] : $item['name']; ?>
<?php $absolutePath = Yii::getAlias('@app') . '/data/' . Yii::$app->user->id . '/' . $relativePath; ?>
<tr>
<?php if (is_dir($absolutePath)): ?>
<?php if (is_dir($absolutePath)): ?> <!-- 如果是文件夹 -->
<td>
<?= Html::tag('i', '', ['class' => $item['type'] . ' file_icon']) ?>
<?= Html::a($item['name'], ['home/index', 'directory' => $relativePath], ['class' => 'file_name']) ?>
</td>
<td class="file_info">
<?= date('Y-m-d H:i:s', $item['lastModified']) ?>
</td>
<td class="file_info">
---
</td>
<td>
<?= Html::button(Html::tag('i', '', ['class' => 'fa-solid fa-download']), [
'value' => Url::to(['home/download', 'relativePath' => $relativePath]),
@ -68,13 +76,19 @@ $this->registerCssFile('@web/css/home_style.css');
'data-bs-title' => '打包下载'
]) ?>
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-pen-to-square']), ['value' => $relativePath, 'class' => 'btn btn-outline-secondary rename-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '重命名']) ?>
<?= Html::button(Html::tag('i','',['class' => 'fa-regular fa-trash-can']),['value' => $relativePath,'class' =>'btn btn-outline-danger delete-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '删除'])?>
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-trash-can']), ['value' => $relativePath, 'class' => 'btn btn-outline-danger delete-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '删除']) ?>
</td>
<?php else: ?>
<?php else: ?> <!-- 如果是文件 -->
<td>
<?= Html::tag('i', '', ['class' => $item['type'] . ' file_icon']) ?>
<?= Html::a($item['name'], ['home/download', 'relativePath' => $relativePath], ['class' => 'file_name']) ?>
</td>
<td class="file_info">
<?= date('Y-m-d H:i:s', $item['lastModified']) ?>
</td>
<td class="file_info">
<?= $item['size'] !== null ? Yii::$app->formatter->asShortSize($item['size'], 2) : '' ?>
</td>
<td>
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-circle-down']), [
'value' => Url::to(['home/download', 'relativePath' => $relativePath]),
@ -84,7 +98,7 @@ $this->registerCssFile('@web/css/home_style.css');
'data-bs-title' => '下载'
]) ?>
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-pen-to-square']), ['value' => $relativePath, 'class' => 'btn btn-outline-secondary rename-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '重命名']) ?>
<?= Html::button(Html::tag('i','',['class' => 'fa-regular fa-trash-can']),['value' => $relativePath,'class' =>'btn btn-outline-danger delete-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '删除'])?>
<?= Html::button(Html::tag('i', '', ['class' => 'fa-regular fa-trash-can']), ['value' => $relativePath, 'class' => 'btn btn-outline-danger delete-btn', 'data-bs-toggle' => 'tooltip', 'data-bs-placement' => 'top', 'data-bs-title' => '删除']) ?>
</td>
<?php endif; ?>
</tr>
@ -123,6 +137,6 @@ echo Html::submitButton('确认', ['class' => 'btn btn-danger']);
echo Html::endForm();
Modal::end();
$this->registerJsFile('@web/js/home_script.js', ['depends' => [JqueryAsset::class],'position' => View::POS_END]);
$this->registerJsFile('@web/js/home_script.js', ['depends' => [JqueryAsset::class], 'position' => View::POS_END]);
?>