update to v1.0.34-release

2025-01-09 04:27:56 +08:00 · 2020-05-19 08:49:26 +08:00 · 2020-05-19 08:49:26 +08:00 · c00d7c20f3
commit c00d7c20f3
parent c6d9e3e8d3
13 changed files with 48 additions and 35 deletions
--- a/README.md
+++ b/README.md
@ -1,7 +1,7 @@
 ## 欢迎访问kiftd源代码资源库！
 ### Welcome to visit source of kiftd!

-_当前版本：v1.0.33-RELEASE_
+_当前版本：v1.0.34-RELEASE_

 ### 简介
 _kiftd——一款便捷、开源、功能完善的个人&团队&小型团队网盘服务器系统。_
@ -72,5 +72,5 @@ _提示：源代码路径下包含了一些程序运行所需的非源代码资
 ### 联系作者？
 如有任何需要（例如对该资源有疑问、意见或建议），请发件联系作者： kohgylw@163.com （青阳龙野），随时恭候您的来信！

-青阳龙野@kohgylw by 2020年05月18日
+青阳龙野@kohgylw by 2020年05月19日

--- a/TODO.txt
+++ b/TODO.txt
@ -168,3 +168,9 @@ test.auth.xxx=ucd
 --------------
 【已完成】修复了”图片预览“功能中存在的一个HTML注入安全性漏洞。
 【已完成】进一步完善了文件系统对于特殊符号的处理。
+
+已完成 v1.0.34
+--------------
+【已完成】完善了文件系统——确保当上传的文件夹中含有特殊字符时，如果上传路径中存在重名文件夹，选择“保留两者”时能够正确上传。
+【已完成】修复了“上传文件夹”功能中存在的一个非法命名漏洞。
+【已完成】其他一些细节优化。
--- a/pom.xml
+++ b/pom.xml
@ -4,7 +4,7 @@

 	<groupId>kohgylw</groupId>
 	<artifactId>kiftd</artifactId>
-	<version>1.0.33-RELEASE</version>
+	<version>1.0.34-RELEASE</version>
 	<packaging>jar</packaging>

 	<name>kiftd</name>
--- a/src/main/java/kohgylw/kiftd/server/service/impl/FolderServiceImpl.java
+++ b/src/main/java/kohgylw/kiftd/server/service/impl/FolderServiceImpl.java
@ -251,7 +251,7 @@ public class FolderServiceImpl implements FolderService {
 			cnfbnr.setResult("error");
 			return gson.toJson(cnfbnr);
 		}
-		if (!TextFormateUtil.instance().matcherFolderName(folderName)) {
+		if (folderName.equals(".") || folderName.equals("..")) {
 			cnfbnr.setResult("error");
 			return gson.toJson(cnfbnr);
 		}
--- a/src/main/java/kohgylw/kiftd/server/util/FolderUtil.java
+++ b/src/main/java/kohgylw/kiftd/server/util/FolderUtil.java
@ -95,6 +95,9 @@ public class FolderUtil {
 		if (parentId == null || folderName == null || parentId.length() <= 0 || folderName.length() <= 0) {
 			return null;
 		}
+		if (folderName.equals(".") || folderName.equals("..")) {
+			return null;
+		}
 		final Folder parentFolder = this.fm.queryById(parentId);
 		if (parentFolder == null) {
 			return null;
@ -296,7 +299,7 @@ public class FolderUtil {
 		pl.append(f.getFolderName());
 		return pl.toString();
 	}
-	
+
 	/**
 	 * 
 	 * <h2>迭代修改子文件夹约束</h2>
--- a/target/classes/META-INF/MANIFEST.MF
+++ b/target/classes/META-INF/MANIFEST.MF
@ -1,6 +1,6 @@
 Manifest-Version: 1.0
 Implementation-Title: kiftd
-Implementation-Version: 1.0.33-RELEASE
+Implementation-Version: 1.0.34-RELEASE
 Built-By: kohgylw
 Implementation-Vendor-Id: kohgylw
 Class-Path: libs/spring-boot-starter-web-2.0.2.RELEASE.jar libs/spring
--- a/target/classes/META-INF/maven/kohgylw/kiftd/pom.properties
+++ b/target/classes/META-INF/maven/kohgylw/kiftd/pom.properties
@ -1,6 +1,6 @@
 #Generated by Maven Integration for Eclipse
-#Mon May 18 11:24:41 CST 2020
-version=1.0.33-RELEASE
+#Tue May 19 08:45:41 CST 2020
+version=1.0.34-RELEASE
 groupId=kohgylw
 m2e.projectName=kiftd
 m2e.projectLocation=/Users/kohgylw/program/java-workspace/kiftd
--- a/target/classes/META-INF/maven/kohgylw/kiftd/pom.xml
+++ b/target/classes/META-INF/maven/kohgylw/kiftd/pom.xml
@ -4,7 +4,7 @@

 	<groupId>kohgylw</groupId>
 	<artifactId>kiftd</artifactId>
-	<version>1.0.33-RELEASE</version>
+	<version>1.0.34-RELEASE</version>
 	<packaging>jar</packaging>

 	<name>kiftd</name>
--- a/target/classes/kohgylw/kiftd/server/service/impl/FolderServiceImpl.class
+++ b/target/classes/kohgylw/kiftd/server/service/impl/FolderServiceImpl.class
--- a/target/classes/kohgylw/kiftd/server/util/FolderUtil.class
+++ b/target/classes/kohgylw/kiftd/server/util/FolderUtil.class
--- a/webContext/home.html
+++ b/webContext/home.html
@ -1,5 +1,5 @@
 <!doctype html>
-<!-- 青阳网络文件传输系统 kiftd v1.0.33-RELEASE -->
+<!-- 青阳网络文件传输系统 kiftd v1.0.34-RELEASE -->
 <!-- 欢迎访问主界面 -->
 <!-- by 青阳龙野（kohgylw@163.com） -->
 <html>
@ -101,32 +101,34 @@
 											class="glyphicon glyphicon-cog"></span> 操作 <span
 											class="caret"></span></a>
 										<ul class="dropdown-menu" id="fileListDropDown">
-											<li id="uploadFileButtonLi"><a href="javascript:void(0);">上传文件 <span
-													class="pull-right"><span
+											<li id="uploadFileButtonLi"><a
+												href="javascript:void(0);">上传文件 <span class="pull-right"><span
 														class="glyphicon glyphicon-arrow-up" aria-hidden="true"></span>+U</span></a></li>
-											<li id="uploadFolderButtonLi"><a href="javascript:void(0);">上传文件夹 <span
+											<li id="uploadFolderButtonLi"><a
+												href="javascript:void(0);">上传文件夹 <span
 													class="pull-right"><span
 														class="glyphicon glyphicon-arrow-up" aria-hidden="true"></span>+F</span></a></li>
 											<li role="separator" class="divider"></li>
-											<li id="createFolderButtonLi"><a href="javascript:void(0);">新建文件夹 <span
+											<li id="createFolderButtonLi"><a
+												href="javascript:void(0);">新建文件夹 <span
 													class="pull-right"><span
 														class="glyphicon glyphicon-arrow-up" aria-hidden="true"></span>+N</span></a></li>
 											<li role="separator" class="divider"></li>
-											<li id="copyFileButtonLi"><a href="javascript:void(0);"><span id='copySignTx'>复制
-														<span class="pull-right"><span
+											<li id="copyFileButtonLi"><a href="javascript:void(0);"><span
+													id='copySignTx'>复制 <span class="pull-right"><span
 															class="glyphicon glyphicon-arrow-up" aria-hidden="true"></span>+C</span>
 												</span></a></li>
-											<li id="cutFileButtonLi"><a href="javascript:void(0);"><span id='cutSignTx'>剪切
-														<span class="pull-right"><span
+											<li id="cutFileButtonLi"><a href="javascript:void(0);"><span
+													id='cutSignTx'>剪切 <span class="pull-right"><span
 															class="glyphicon glyphicon-arrow-up" aria-hidden="true"></span>+X</span>
 												</span></a></li>
-											<li id="stickFileButtonLi" class="hidden"><a href="javascript:void(0);"><span
-													id='stickSignTx'>粘贴<span id="stickFilesCount"></span>
-														<span class="pull-right"><span
+											<li id="stickFileButtonLi" class="hidden"><a
+												href="javascript:void(0);"><span id='stickSignTx'>粘贴<span
+														id="stickFilesCount"></span> <span class="pull-right"><span
 															class="glyphicon glyphicon-arrow-up" aria-hidden="true"></span>+V</span>
 												</span></a></li>
-											<li id="deleteSeelectFileButtonLi"><a href="javascript:void(0);">删除 <span
-													class="pull-right"><span
+											<li id="deleteSeelectFileButtonLi"><a
+												href="javascript:void(0);">删除 <span class="pull-right"><span
 														class="glyphicon glyphicon-arrow-up" aria-hidden="true"></span>+D</span></a></li>
 										</ul></li>
 								</ul>
@ -293,7 +295,8 @@
 					<h5 id="deleteFolderMessage"></h5>
 				</div>
 				<div class="modal-footer">
-					<button id="cancelDeleteFolderBtn" type="button" class="btn btn-default" data-dismiss="modal">取消</button>
+					<button id="cancelDeleteFolderBtn" type="button"
+						class="btn btn-default" data-dismiss="modal">取消</button>
 					<span id="deleteFolderBox"></span>
 				</div>
 			</div>
@ -545,7 +548,8 @@
 					<h5 id="deleteFileMessage" class="wordbreak"></h5>
 				</div>
 				<div class="modal-footer">
-					<button id="cancelDeleteFileBox" type="button" class="btn btn-default" data-dismiss="modal">取消</button>
+					<button id="cancelDeleteFileBox" type="button"
+						class="btn btn-default" data-dismiss="modal">取消</button>
 					<span id="deleteFileBox"></span>
 				</div>
 			</div>
@ -609,7 +613,8 @@
 					</h5>
 				</div>
 				<div class="modal-footer">
-					<button id="cancelDownloadAllCheckedBtn" type="button" class="btn btn-default" data-dismiss="modal">取消</button>
+					<button id="cancelDownloadAllCheckedBtn" type="button"
+						class="btn btn-default" data-dismiss="modal">取消</button>
 					<span id="downloadAllCheckedBox"></span>
 				</div>
 			</div>
@ -698,7 +703,8 @@
 					</div>
 				</div>
 				<div class="modal-footer">
-					<button id="cancelMoveFilesBtn" type="button" class="btn btn-default" data-dismiss="modal">取消</button>
+					<button id="cancelMoveFilesBtn" type="button"
+						class="btn btn-default" data-dismiss="modal">取消</button>
 					<span id="moveFilesBox"></span>
 				</div>
 			</div>
--- a/webContext/js/home.js
+++ b/webContext/js/home.js
@ -3010,8 +3010,7 @@ function getDownloadURL() {
 							+ window.location.host
 							+ "/externalLinksController/downloadFileByKey/"
 							+ encodeURIComponent(getDownloadFileName.replace(
-									/\'/g, '').replace(/\r/g, "").replace(
-									/\n/g, "")) + "?dkey=" + result;
+									/\\/g, "_")) + "?dkey=" + result;
 					// 显示链接内容
 					$("#downloadHrefBox").html(
 							"<a href='" + dlurl + "'>" + dlurl + "</a>");
@ -3541,9 +3540,8 @@ function getFileChain(fileId, fileName) {
 								+ "//"
 								+ window.location.host
 								+ "/externalLinksController/chain/"
-								+ encodeURIComponent(fileName
-										.replace(/\'/g, '').replace(/\r/g, "")
-										.replace(/\n/g, "")) + "?ckey="
+								+ encodeURIComponent(fileName.replace(/\\/g,
+										"_")) + "?ckey="
 								+ encodeURIComponent(result));
 				$("#copyChainBtn").attr('disabled', false);
 				break;
@ -3819,7 +3817,7 @@ function updateTheFolderInfo() {

 // 替换所有引号，将其进一步转义，主要用于传递带引号的文件名
 function replaceAllQuotationMarks(txt) {
-	return txt.replace(/\"/g, "\\\"");
+	return txt.replace(/\\/g, "\\\\").replace(/\"/g, "\\\"");
 }

 // 对所有可能进入html的字符串进行转义操作
--- a/webContext/js/home.min.js
+++ b/webContext/js/home.min.js