Laravel 5.1上传文件的安全性 [英] Laravel 5.1 Upload Files Security

问题描述

如何在上传文件中设置只能上传pdf，doc，jpeg，png和docx的安全性?

How can I set a security in my upload files that only pdf, doc, jpeg, png and docx can be uploaded?

我只是在尝试，但我不知道这是否是正确的事情……只是做实验..^ _ ^但毕竟它没有起作用^^ ...实际上，我已经遇到错误..尝试为此帮助我吗?

I'm just trying it but I don't know if it is the right thing to do... just experimenting.. ^_^ But after all it didn't function ^^ ... actually i've got an error.. Try to help me guys for this?

这是我的Controller.php

Here's my Controller.php

public function index()
{
    $entries = Fileentry::where('user_id',Auth::user()->id)->get();
    return view('fileentries.index', compact('entries'));
}

public function store(UploadFiles $request)
{
    if($request->file('filename')) 
    {
        $file = $request->file('filename');

        $filename           = $file->getFilename().'.'.$extension;
        $fileExt            = $file->getClientOriginalExtension();
        $mime               = $file->getClientMimeType();
        $original_filename  = $file->getClientOriginalName();
        $description        = UploadFiles::input('description');
        $user_id            = Auth::user()->id;
        $file->save();

        // Move the file now
        $updatedFileName = $filename.'.'.$fileExt;
        $file->move('path/to/destination/folder', $updatedFileName);

     return redirect('upload');
    }

    else
    {
        echo "nothing happen";
    }
}

这是我的View.blade.php

Here's my View.blade.php

@extends('layouts.app')
@section('content')

<form action="{{route('addentry', [])}}" method="post" enctype="multipart/form-data">
    <input name="_token" type="hidden" value="{!! csrf_token() !!}" />
    <input type="file" name="filefield" required>
    <br>

    Description <br>
    <input type="textarea" name="description">
    <br>
    <input type="submit">
</form>
<h1> List of your Entries</h1>

<div class="row">
    <ul class="thumbnails">

@foreach($entries as $entry)

<div class="col-md-2">
    <div class="thumbnail">
         <img src="{{route('getentry', $entry->filename ) }}" alt="ALT NAME" class="img-responsive" /> 

                     <p>{{ $entry->description }} </p>

                     <a href="{{ URL::to('download') }}" download="{{$entry->original_filename}}">{{$entry->original_filename}}</a>

            </div>
        </div>


 @endforeach
 </ul>
 </div>


nI@endsection

提前谢谢你们^^

推荐答案

通过发出以下命令来创建FormRequest对象:

Make a FormRequest object by issuing the following command:

php artisan make:request YourFormRequest

现在，在您的规则方法中:

Now, in your rules method:

/**
 * Get the validation rules that apply to the request.
 *
 * @return array
 */
public function rules()
{
    return [
        'filename' => 'mimes:pdf,doc,jpeg,png,docx',
        // and other validation rules...
    ];
}

现在更新您的控制器:

/**
 * Store the form values.
 * Don't forget to import the YourFormRequest class
 *
 * @param \App\Http\Requests\YourFormRequest $request
 * @return \Illuminate\Http\Redirect|string
 */
public function store(YourFormRequest $request)
{
    if($request->file('filename')) {
        $file = $request->file('filename');

        $fileName = $file->getClientOriginalName();
        $fileExt  = $file->getClientOriginalExtension();
        $fileMime = $file->getClientMimeType();

        // and rest of the file details

        // Move the file now
        $updatedFileName = $fileName.'.'.$fileExt;
        $file->move('path/to/destination/folder', $updatedFileName);

        // or using the Storage class, it is the same
        // as what you have written.
    }
}

更新1:

在您的YourFormRequest文件中，替换authorize方法:

In your YourFormRequest file, replace the authorize method:

/**
 * Authorize the request.
 *
 * @return bool
 */
public function authorize()
{
    return true; // replace false with true.
}

希望这对您有所帮助.干杯.

Hope this helps you out. Cheers.

这篇关于Laravel 5.1上传文件的安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！