From 57ddc42101d2f091ab53a1a85564265d024b9f46 Mon Sep 17 00:00:00 2001
From: ageerle <32251822+ageerle@users.noreply.github.com>
Date: 星期五, 14 三月 2025 22:56:11 +0800
Subject: [PATCH] Merge pull request #14 from littleman2016/add_upload_file_extention_check

---
 ruoyi-common/ruoyi-common-core/src/main/java/org/ruoyi/common/core/utils/file/FileUtils.java |   40 ++++++++++++++++++++++++++++++++++++++++
 1 files changed, 40 insertions(+), 0 deletions(-)

diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/ruoyi/common/core/utils/file/FileUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/ruoyi/common/core/utils/file/FileUtils.java
index 9c6f265..c8cc119 100644
--- a/ruoyi-common/ruoyi-common-core/src/main/java/org/ruoyi/common/core/utils/file/FileUtils.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/ruoyi/common/core/utils/file/FileUtils.java
@@ -4,9 +4,13 @@
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.web.multipart.MultipartFile;
 
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
+import java.util.UUID;
 
 /**
  * 鏂囦欢澶勭悊宸ュ叿绫�
@@ -15,6 +19,8 @@
  */
 @NoArgsConstructor(access = AccessLevel.PRIVATE)
 public class FileUtils extends FileUtil {
+
+    private static final String FILE_EXTENTION_SPLIT = ".";
 
     /**
      * 涓嬭浇鏂囦欢鍚嶉噸鏂扮紪鐮�
@@ -40,4 +46,38 @@
         String encode = URLEncoder.encode(s, StandardCharsets.UTF_8);
         return encode.replaceAll("\\+", "%20");
     }
+
+    /**
+     * 妫�鏌ユ枃浠舵墿灞曞悕鏄惁绗﹀悎瑕佹眰
+     *
+     * @param file
+     * @return
+     */
+    public static boolean isValidFileExtention(MultipartFile file, String[] ALLOWED_EXTENSIONS) {
+        if (file == null || file.isEmpty()) {
+            return false;
+        }
+        final String filename = file.getOriginalFilename();
+        if (StringUtils.isBlank(filename) || !filename.contains(FILE_EXTENTION_SPLIT)) {
+            return false;
+        }
+        // 鑾峰彇鏂囦欢鍚庣紑
+        String fileExtension = filename.substring(filename.lastIndexOf('.') + 1).toLowerCase();
+
+        return Arrays.asList(ALLOWED_EXTENSIONS).contains(fileExtension);
+    }
+
+    /**
+     * 鑾峰彇瀹夊叏鐨勬枃浠惰矾寰�
+     *
+     * @param originalFilename 鍘熷鏂囦欢鍚�
+     * @param secureFilePath   瀹夊叏璺緞
+     * @return 瀹夊叏鏂囦欢璺緞
+     */
+    public static String getSecureFilePathForUpload(final String originalFilename, final String secureFilePath) {
+        String extension = originalFilename.substring(originalFilename.lastIndexOf(FILE_EXTENTION_SPLIT));
+        String newFileName = UUID.randomUUID() + extension;
+
+        return secureFilePath + newFileName; // 棰勫畾涔夊畨鍏ㄨ矾寰�
+    }
 }

--
Gitblit v1.9.3