diff --git a/functions/class/class.user.php b/functions/class/class.user.php
index c30d304..809cc6a 100644
--- a/functions/class/class.user.php
+++ b/functions/class/class.user.php
@@ -127,7 +127,22 @@
}
return $ip;
}
-
+ //判断文件MIME类型
+ function mime($path){
+ $mime = mime_content_type($path);
+ switch ( $mime )
+ {
+ case 'image/gif':
+ case 'image/png':
+ case 'image/jpeg':
+ case 'image/bmp':
+ return true;
+ break;
+ default:
+ return false;
+ break;
+ }
+ }
}
//自动初始化完成一些基础操作
diff --git a/functions/cvupload.php b/functions/cvupload.php
index f3a11f8..0a596eb 100644
--- a/functions/cvupload.php
+++ b/functions/cvupload.php
@@ -20,39 +20,72 @@
$ua = $_SERVER['HTTP_USER_AGENT'];
$date = date('Y-m-d',time());
- //图片存储路径
- $picpath = $updir.'/'.date('ym',time()).'/'.'dsdds.png';
+ //根据IP、ua、时间生成一个唯一的md5值
+ $picname = md5($ip.$ua.date('Y-m-d H:i:s',time()));
+ //截取16个字符
+ $picname = substr($picname,8,16).'.png';
+ $onepath = $updir.'/'.date('ym',time()).'/'.$picname;
+ //图片完整存储路径
+ $picpath = APP.$onepath;
- //接受base64图片
+ //echo $picpath;
+ //替换一下,以免windows出现问题
+ $picpath = str_replace("\\","/",$picpath);
+
+ //echo $picpath;
+
+ //接接收ase64图片
$picfile = $_POST['content'];
$picfile = base64_decode($picfile);
//echo $picfile;
//存储图片
- var_dump(file_put_contents("D:/wwwroot/imgurl/upload/1809/dsd.png", $picfile));
-
+ file_put_contents($picpath, $picfile);
+ //获取文件mime类型
+ //如果不是图片文件,终止执行
+ if(!$basis->mime($picpath)){
+ unlink($picpath);
+ $arr = array(
+ "code" => 0,
+ "msg" => '不允许的文件类型'
+ );
+ $json = json_encode($arr);
+ echo $json;
+ exit;
+ }
+
+
+ //继续执行并写入数据库
+ $last_user_id = $database->insert("imginfo", [
+ "path" => $onepath,
+ "ip" => $ip,
+ "ua" => $ua,
+ "date" => $date,
+ "dir" => $updir,
+ "compress" => 0,
+ "level" => 0
+ ]);
+ //var_dump($database->log());
+ //返回最后的ID
+ $account_id = $database->id();
+ //写入数据库成功,返回json数据
+ if($last_user_id){
+ $url = $config['domain'].$onepath;
+ rejson(1,$url,$account_id);
+ }
//echo $picpath;
//var_dump($picfile);
?>
$code,
+ "url" => $url,
+ "id" => $id
+ );
+ $json = json_encode($arr);
+ echo $json;
+ }
?>
\ No newline at end of file
diff --git a/miniup.html b/miniup.html
index 49654f6..dce0ea9 100644
--- a/miniup.html
+++ b/miniup.html
@@ -14,7 +14,7 @@
-