禁止上传php或者图片混合php木马

This commit is contained in:
augushong
2019-10-28 09:37:10 +08:00
parent 7b7823822f
commit 4e02b8c772

View File

@@ -35,6 +35,20 @@ class Files extends BaseController
$file = request()->file('file');
$file_extension = $file->extension();
if($file_extension == 'php'){
return json_message('上传文件异常');
}
$file_path = $file->getRealPath();
$file_content = file_get_contents($file_path);
if(strpos($file_content,'<?php') !== false){
return json_message('上传文件异常');
}
if(empty($file)){
return json_message('上传失败');
}