
修复文件上传限制,以及图片的后缀限制

kobe6258 3 달 전
부모
커밋
d650d7635e
5개의 변경된 파일221개의 추가작업 그리고 42개의 파일을 삭제
  1. 15 6
      controllers/banner.go
  2. 15 6
      controllers/material/material.go
  3. 33 10
      controllers/report.go
  4. 70 20
      controllers/resource.go
  5. 88 0
      utils/file.go

+ 15 - 6
controllers/banner.go

@@ -4,7 +4,6 @@ import (
 	"eta/eta_api/models"
 	"eta/eta_api/services"
 	"eta/eta_api/utils"
-	"github.com/h2non/filetype"
 	"io/ioutil"
 	"os"
 	"path"
@@ -53,14 +52,24 @@ func (this *BannerController) Upload() {
 		br.ErrMsg = "读取文件失败, Err: " + e.Error()
 		return
 	}
-	pass := filetype.IsImage(fileData)
-	if !pass {
-		br.Msg = "文件格式有误"
-		br.ErrMsg = "文件格式有误"
+	//pass := filetype.IsImage(fileData)
+	//if !pass {
+	//	br.Msg = "文件格式有误"
+	//	br.ErrMsg = "文件格式有误"
+	//	return
+	//}
+	ext := path.Ext(h.Filename)
+	if !utils.IsValidType(fileData, []utils.SourceType{
+		utils.Image,
+	}, []string{
+		"jpg",
+		"png",
+	}, ext) {
+		br.Msg = "文件格式不支持"
+		br.ErrMsg = "文件格式不支持"
 		return
 	}
 
-	ext := path.Ext(h.Filename)
 	dateDir := time.Now().Format("20060102")
 	uploadDir := utils.STATIC_DIR + "hongze/" + dateDir
 	err = os.MkdirAll(uploadDir, utils.DIR_MOD)
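Review bot: The old `filetype.IsImage` check is left behind as a commented-out block above the new call, and the same block plus an identical `[]utils.SourceType{utils.Image}` / `[]string{"jpg", "png"}` literal is repeated in the Upload hunks of controllers/material/material.go, controllers/report.go and controllers/resource.go (Upload, UploadImageBase64, UploadV2). Deleting the commented code and keeping the image allow-list in one place in utils, for example a single exported helper that takes `fileData` and `ext`, would keep the handlers from drifting apart when the list changes. A one-line comment such as `// content type and file extension must both be on the allow-list` above the call would state the intent. Upload's body starts and ends outside this hunk.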

+ 15 - 6
controllers/material/material.go

@@ -10,7 +10,6 @@ import (
 	materialService "eta/eta_api/services/material"
 	"eta/eta_api/utils"
 	"fmt"
-	"github.com/h2non/filetype"
 	"github.com/rdlucklib/rdluck_tools/http"
 	"github.com/rdlucklib/rdluck_tools/paging"
 	"io/ioutil"
@@ -1368,13 +1367,23 @@ func (this *MaterialController) Upload() {
 		br.ErrMsg = "读取文件失败, Err: " + e.Error()
 		return
 	}
-	pass := filetype.IsImage(fileData)
-	if !pass {
-		br.Msg = "文件格式有误"
-		br.ErrMsg = "文件格式有误"
+	//pass := filetype.IsImage(fileData)
+	//if !pass {
+	//	br.Msg = "文件格式有误"
+	//	br.ErrMsg = "文件格式有误"
+	//	return
+	//}
+	ext := path.Ext(h.Filename)
+	if !utils.IsValidType(fileData, []utils.SourceType{
+		utils.Image,
+	}, []string{
+		"jpg",
+		"png",
+	}, ext) {
+		br.Msg = "文件格式不支持"
+		br.ErrMsg = "文件格式不支持"
 		return
 	}
-	ext := path.Ext(h.Filename)
 	randStr := utils.GetRandStringNoSpecialChar(28)
 	fileName := randStr + ext
 

+ 33 - 10
controllers/report.go

@@ -258,14 +258,24 @@ func (this *ReportController) Upload() {
 		br.ErrMsg = "读取文件失败, Err: " + e.Error()
 		return
 	}
-	pass := filetype.IsImage(fileData)
-	if !pass {
-		br.Msg = "文件格式有误"
-		br.ErrMsg = "文件格式有误"
-		return
-	}
+	//pass := filetype.IsImage(fileData)
+	//if !pass {
+	//	br.Msg = "文件格式有误"
+	//	br.ErrMsg = "文件格式有误"
+	//	return
+	//}
 
 	ext := path.Ext(h.Filename)
+	if !utils.IsValidType(fileData, []utils.SourceType{
+		utils.Image,
+	}, []string{
+		"jpg",
+		"png",
+	}, ext) {
+		br.Msg = "文件格式不支持"
+		br.ErrMsg = "文件格式不支持"
+		return
+	}
 	dateDir := time.Now().Format("20060102")
 	uploadDir := utils.STATIC_DIR + "hongze/" + dateDir
 	err = os.MkdirAll(uploadDir, utils.DIR_MOD)
@@ -517,8 +527,23 @@ func (this *ReportUploadCommonController) UploadImg() {
 		err = fmt.Errorf("读取文件失败, Err: %s", e.Error())
 		return
 	}
-	pass := filetype.IsImage(fileData)
-	if !pass {
+	//pass := filetype.IsImage(fileData)
+	//if !pass {
+	//	kind, _ := filetype.Match(fileData)
+	//	if kind.Extension != "pdf" {
+	//		err = fmt.Errorf("文件格式有误")
+	//		return
+	//	}
+	//	fmt.Printf("File type: %s. MIME: %s\n", kind.Extension, kind.MIME.Value)
+	//}
+
+	ext := path.Ext(h.Filename)
+	if !utils.IsValidType(fileData, []utils.SourceType{
+		utils.Image,
+	}, []string{
+		"jpg",
+		"png",
+	}, ext) {
 		kind, _ := filetype.Match(fileData)
 		if kind.Extension != "pdf" {
 			err = fmt.Errorf("文件格式有误")
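Review bot: The PDF fallback inside the `!utils.IsValidType(...)` branch accepts a file on `filetype.Match` alone, so on that path the extension taken from `h.Filename` is never compared with the detected type, unlike the image path. If `ext` is later used to build the stored file name (that code is outside the hunk), a PDF-detected upload keeps whatever extension the client sent. Checking both, `if kind.Extension != "pdf" || ext != ".pdf" {`, closes the gap. The error discarded in `kind, _ := filetype.Match(fileData)` looks harmless only because an unmatched buffer should never yield `pdf`, which deserves a short comment. The `if` block is closed in the following hunk.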
@@ -526,8 +551,6 @@ func (this *ReportUploadCommonController) UploadImg() {
 		}
 		fmt.Printf("File type: %s. MIME: %s\n", kind.Extension, kind.MIME.Value)
 	}
-
-	ext := path.Ext(h.Filename)
 	dateDir := time.Now().Format("20060102")
 	uploadDir := utils.STATIC_DIR + "hongze/" + dateDir
 	err = os.MkdirAll(uploadDir, utils.DIR_MOD)

+ 70 - 20
controllers/resource.go

@@ -54,15 +54,25 @@ func (this *ResourceController) Upload() {
 		br.ErrMsg = "读取文件失败, Err: " + e.Error()
 		return
 	}
-	pass := filetype.IsImage(fileData)
-	if !pass {
-		br.Msg = "文件格式有误"
-		br.ErrMsg = "文件格式有误"
-		return
-	}
+	//pass := filetype.IsImage(fileData)
+	//if !pass {
+	//	br.Msg = "文件格式有误"
+	//	br.ErrMsg = "文件格式有误"
+	//	return
+	//}
 
 	uploadFileName := h.Filename //上传的文件名
 	ext := path.Ext(h.Filename)
+	if !utils.IsValidType(fileData, []utils.SourceType{
+		utils.Image,
+	}, []string{
+		"jpg",
+		"png",
+	}, ext) {
+		br.Msg = "文件格式不支持"
+		br.ErrMsg = "文件格式不支持"
+		return
+	}
 	dateDir := time.Now().Format("20060102")
 	uploadDir := utils.STATIC_DIR + "hongze/" + dateDir
 	err = os.MkdirAll(uploadDir, utils.DIR_MOD)
@@ -662,14 +672,24 @@ func (this *ResourceController) UploadImageBase64() {
 			br.ErrMsg = "读取文件失败, Err: " + e.Error()
 			return
 		}
-		pass := filetype.IsImage(fileData)
-		if !pass {
-			br.Msg = "文件格式有误"
-			br.ErrMsg = "文件格式有误"
-			return
-		}
+		//pass := filetype.IsImage(fileData)
+		//if !pass {
+		//	br.Msg = "文件格式有误"
+		//	br.ErrMsg = "文件格式有误"
+		//	return
+		//}
 
 		ext = path.Ext(h.Filename)
+		if !utils.IsValidType(fileData, []utils.SourceType{
+			utils.Image,
+		}, []string{
+			"jpg",
+			"png",
+		}, ext) {
+			br.Msg = "文件格式不支持"
+			br.ErrMsg = "文件格式不支持"
+			return
+		}
 		dateDir := time.Now().Format("20060102")
 		uploadDir = utils.STATIC_DIR + "hongze/" + dateDir
 		err = os.MkdirAll(uploadDir, utils.DIR_MOD)
@@ -856,14 +876,25 @@ func (this *ResourceController) UploadV2() {
 		br.ErrMsg = "读取文件失败, Err: " + e.Error()
 		return
 	}
-	pass := filetype.IsImage(fileData)
-	if !pass {
-		br.Msg = "文件格式有误"
-		br.ErrMsg = "文件格式有误"
-		return
-	}
+	//pass := filetype.IsImage(fileData)
+	//
+	//if !pass {
+	//	br.Msg = "文件格式有误"
+	//	br.ErrMsg = "文件格式有误"
+	//	return
+	//}
 
 	ext := path.Ext(h.Filename)
+	if !utils.IsValidType(fileData, []utils.SourceType{
+		utils.Image,
+	}, []string{
+		"jpg",
+		"png",
+	}, ext) {
+		br.Msg = "文件格式不支持"
+		br.ErrMsg = "文件格式不支持"
+		return
+	}
 	dateDir := time.Now().Format("20060102")
 	uploadDir := utils.STATIC_DIR + "hongze/" + dateDir
 	err = os.MkdirAll(uploadDir, utils.DIR_MOD)
@@ -1118,8 +1149,28 @@ func (this *ResourceController) FileUpload() {
 		return
 	}
 
-	uploadFileName := h.Filename //上传的文件名
 	ext := path.Ext(h.Filename)
+	fileData, e := io.ReadAll(f)
+	if e != nil {
+		br.Msg = "上传失败"
+		br.ErrMsg = "读取文件失败, Err: " + e.Error()
+		return
+	}
+	if !utils.IsValidType(fileData, []utils.SourceType{
+		utils.Image,
+		utils.Document,
+	}, []string{
+		"jpg",
+		"png",
+		"docx",
+		"xlsx",
+		"pdf",
+	}, ext) {
+		br.Msg = "文件格式不支持"
+		br.ErrMsg = "文件格式不支持"
+		return
+	}
+	uploadFileName := h.Filename //上传的文件名
 	dateDir := time.Now().Format("20060102")
 	uploadDir := utils.STATIC_DIR + "hongze/" + dateDir
 	err = os.MkdirAll(uploadDir, utils.DIR_MOD)
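Review bot: `"pdf"` is on the extension list, but only `utils.Image` and `utils.Document` are passed as source types. As far as I know, h2non/filetype registers its PDF matcher in the archive group, not the document group, so `filetype.Document` would not recognise a PDF and these uploads would be rejected. If that holds for the vendored version, adding `utils.Archive,` to the source-type slice fixes it, and the extension list still limits what is accepted to the five named types. Separately, `io.ReadAll(f)` buffers the whole upload and leaves `f` at end of file; a size cap is not visible in this hunk, and any later read from `f` in the part of FileUpload outside the hunk would see no data.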
@@ -1171,7 +1222,6 @@ func (this *ResourceController) FileUpload() {
 		ResourceUrl:  resourceUrl,
 		ResourceName: uploadFileName,
 	}
-
 	br.Msg = "上传成功"
 	br.Ret = 200
 	br.Success = true

+ 88 - 0
utils/file.go

@@ -0,0 +1,88 @@
+package utils
+
+import (
+	"fmt"
+	"github.com/h2non/filetype"
+	"github.com/h2non/filetype/types"
+	"sync"
+)
+
+type SourceType string
+
+const (
+	Image    SourceType = "image"
+	Video    SourceType = "video"
+	Archive  SourceType = "archive"
+	Audio    SourceType = "audio"
+	Document SourceType = "document"
+)
+
+func CheckFileType(buf []byte, sourceType SourceType, exactFileType []string, fileExt string) bool {
+	switch sourceType {
+	case Document:
+		kind, err := filetype.Document(buf)
+		if err != nil {
+			return false
+		}
+		return exactFile(exactFileType, kind, fileExt)
+	case Image:
+		kind, err := filetype.Image(buf)
+		if err != nil {
+			return false
+		}
+		return exactFile(exactFileType, kind, fileExt)
+	case Video:
+		kind, err := filetype.Video(buf)
+		if err != nil {
+			return false
+		}
+		return exactFile(exactFileType, kind, fileExt)
+	case Audio:
+		kind, err := filetype.Audio(buf)
+		if err != nil {
+			return false
+		}
+		return exactFile(exactFileType, kind, fileExt)
+	case Archive:
+		kind, err := filetype.Archive(buf)
+		if err != nil {
+			return false
+		}
+		return exactFile(exactFileType, kind, fileExt)
+	default:
+		return false
+	}
+}
+func exactFile(exactFileType []string, fileKind types.Type, fileExt string) bool {
+	for _, fileType := range exactFileType {
+		if fileKind.Extension == fileType {
+			if fileExt != "" && (fileExt == fmt.Sprintf(".%s", fileKind.Extension) || (fileExt == ".jpeg" && fileKind.Extension == "jpg")) {
+				return true
+			}
+			return false
+		}
+	}
+	return false
+}
+func IsValidType(buf []byte, sourceTypes []SourceType, exactFileType []string, fileExt string) bool {
+	if len(sourceTypes) == 0 {
+		return false
+	}
+	var wg sync.WaitGroup
+	resultChan := make(chan bool, len(sourceTypes))
+	for _, sourceType := range sourceTypes {
+		wg.Add(1)
+		go func(st SourceType) {
+			defer wg.Done()
+			resultChan <- CheckFileType(buf, st, exactFileType, fileExt)
+		}(sourceType)
+	}
+	wg.Wait()
+	close(resultChan)
+	for result := range resultChan {
+		if result {
+			return true
+		}
+	}
+	return false
+}
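Review bot: `exactFile` compares the client-supplied extension case-sensitively, so a valid image named `photo.PNG` or `scan.JPG` is rejected; lower-casing once at the top, `fileExt = strings.ToLower(fileExt)` (with `"strings"` added to the imports), avoids that without widening the allow-list. `IsValidType` starts one goroutine per source type and waits for all of them before reading any result, which adds a WaitGroup and a channel around a few in-memory matches; a plain loop that returns on the first match does the same work, as sketched below. The exported `SourceType`, `CheckFileType` and `IsValidType` have no doc comments; they should say that `exactFileType` entries are written without a dot, that `fileExt` includes it, and that detection is a magic-number check on the buffer, not a full parse of the file.

```go
// the "sync" import is no longer needed once the goroutines are gone
func IsValidType(buf []byte, sourceTypes []SourceType, exactFileType []string, fileExt string) bool {
	for _, st := range sourceTypes {
		if CheckFileType(buf, st, exactFileType, fileExt) {
			return true
		}
	}
	return false
}
```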