hanxuntao 3 days ago
parent 229eeda48c
commit 2f21c032af

@ -325,6 +325,13 @@ namespace DSWeb.Areas.Account.Controllers
jsonRespose.Message = "上传文件发生未知错误,请重新上传"; jsonRespose.Message = "上传文件发生未知错误,请重新上传";
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
} }
String fileExt = Path.GetExtension(file.FileName).ToLower();
if (fileExt == ".asp" || fileExt == ".aspx")
{
jsonRespose.Success = false;
jsonRespose.Message = "不允许上传ASP或ASPX文件";
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
}
var path = Server.MapPath("../../UploadFiles/ImpBsExcel"); var path = Server.MapPath("../../UploadFiles/ImpBsExcel");

@ -1524,6 +1524,14 @@ namespace DSWeb.Areas.Account.Controllers
} }
string fileOriginalName = Path.GetFileNameWithoutExtension(imgFile.FileName); string fileOriginalName = Path.GetFileNameWithoutExtension(imgFile.FileName);
String fileExt = Path.GetExtension(imgFile.FileName).ToLower(); String fileExt = Path.GetExtension(imgFile.FileName).ToLower();
if (fileExt == ".asp" || fileExt == ".aspx")
{
jsonRespose.Success = false;
jsonRespose.Message = "不允许上传ASP或ASPX文件";
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
}
String newFileName = DateTime.Now.ToString("yyyyMMddHHmmss_ffff", DateTimeFormatInfo.InvariantInfo) + idx.ToString() + fileExt; String newFileName = DateTime.Now.ToString("yyyyMMddHHmmss_ffff", DateTimeFormatInfo.InvariantInfo) + idx.ToString() + fileExt;
String filePath = dirPath + newFileName; String filePath = dirPath + newFileName;
imgFile.SaveAs(filePath); imgFile.SaveAs(filePath);

@ -931,7 +931,13 @@ namespace DSWeb.Areas.Import.Controllers
jsonRespose.Message = "上传文件发生未知错误,请重新上传"; jsonRespose.Message = "上传文件发生未知错误,请重新上传";
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
} }
String fileExt = Path.GetExtension(file.FileName).ToLower();
if (fileExt == ".asp" || fileExt == ".aspx")
{
jsonRespose.Success = false;
jsonRespose.Message = "不允许上传ASP或ASPX文件";
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
}
var path = ""; var path = "";
var FTPPATH = ""; var FTPPATH = "";
var COMPANYID = Convert.ToString(Session["COMPANYID"]); var COMPANYID = Convert.ToString(Session["COMPANYID"]);

@ -1014,6 +1014,14 @@ namespace DSWeb.MvcContainer.Controllers
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
} }
String fileExt = Path.GetExtension(file.FileName).ToLower();
if (fileExt == ".asp" || fileExt == ".aspx")
{
jsonRespose.Success = false;
jsonRespose.Message = "不允许上传ASP或ASPX文件";
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
}
var path = Server.MapPath("../../UploadFiles/MsOpFiles/" + BSNO); var path = Server.MapPath("../../UploadFiles/MsOpFiles/" + BSNO);
if (!Directory.Exists(path)) if (!Directory.Exists(path))

@ -449,7 +449,13 @@ namespace DSWeb.MvcShipping.Controllers
jsonRespose.Message = "上传文件发生未知错误,请重新上传"; jsonRespose.Message = "上传文件发生未知错误,请重新上传";
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
} }
String fileExt = Path.GetExtension(file.FileName).ToLower();
if (fileExt == ".asp" || fileExt == ".aspx")
{
jsonRespose.Success = false;
jsonRespose.Message = "不允许上传ASP或ASPX文件";
return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) };
}
var path = Server.MapPath("../../UploadFiles/MsOpFiles/" + CUSTNO); var path = Server.MapPath("../../UploadFiles/MsOpFiles/" + CUSTNO);
if (!Directory.Exists(path)) if (!Directory.Exists(path))

Loading…
Cancel
Save