/// <summary>
/// Adds one record by passing <paramref name="model"/> to the data-access layer.
/// </summary>
/// <param name="model">The slider entity handed to <c>dal.Add</c>.</param>
/// <returns>The integer returned by <c>dal.Add</c>.</returns>
public int Add(BCW.MobileSlider.Model.MobileSlider model)
{
    int result = dal.Add(model);
    return result;
}
/// <summary>
/// Updates one record by passing <paramref name="model"/> to the data-access layer.
/// </summary>
/// <param name="model">The slider entity handed to <c>dal.Update</c>.</param>
/// <returns>The boolean returned by <c>dal.Update</c>.</returns>
public bool Update(BCW.MobileSlider.Model.MobileSlider model)
{
    bool result = dal.Update(model);
    return result;
}
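/// <summary>
/// Stores the image files posted with the current request and registers each
/// accepted file as a slider record.
/// </summary>
/// <remarks>
/// A file is accepted only if its extension is exactly one of the allowed image
/// extensions, its size is within the configured limit, and its saved content
/// contains none of the blocked script markers. Rejected files are skipped
/// without any feedback to the caller.
/// </remarks>
/// <param name="_contentType">Value stored in the record's <c>contentType</c> field.</param>
/// <param name="_params">Value stored in the record's <c>param</c> field.</param>
private void SaveFiles(string _contentType, string _params)
{
    // Exact-match allow-list. The extension must equal one entry: a substring test
    // against a comma-joined list also accepts an empty extension or a fragment of
    // an allowed one. With an exact allow-list a separate deny-list of script and
    // executable extensions can never match, so none is kept.
    string[] allowedExtensions = { ".jpg", ".jpeg", ".png", ".bmp" };

    // Markers searched for in the lower-cased file content ('|' separated).
    // NOTE(review): the listing this code came from breaks the literal after
    // "script "; it is assumed to be one single-line literal -- confirm against
    // the original file.
    const string blockedMarkers = "system.|request|javascript|script |script>|.getfolder|.createfolder|.deletefolder|.createdirectory|.deletedirectory|.saveas|wscript.shell|script.encode|server.|.createobject|execute|activexobject|language=";

    System.Web.HttpFileCollection files = System.Web.HttpContext.Current.Request.Files;

    try
    {
        for (int iFile = files.Count - 1; iFile > -1; iFile--)
        {
            System.Web.HttpPostedFile postedFile = files[iFile];

            // Only the file-name part of the client-supplied name is used.
            string fileName = System.IO.Path.GetFileName(postedFile.FileName);

            // Configured size limit; it is multiplied by 1024 before being compared
            // with the posted byte count.
            int maxSize = Convert.ToInt32(ub.GetSub("UpaMaxFileSize", xmlPath));

            if (string.IsNullOrEmpty(fileName))
            {
                continue;
            }

            // Invariant lower-casing keeps the comparison independent of the server culture.
            string fileExtension = System.IO.Path.GetExtension(fileName).ToLowerInvariant();
            if (System.Array.IndexOf(allowedExtensions, fileExtension) < 0)
            {
                continue;
            }

            // Widen to long so a large configured limit cannot overflow the product.
            if (postedFile.ContentLength > (long)maxSize * 1024)
            {
                continue;
            }

            string dirPath;
            if (!FileTool.CreateDirectory("/Files/Mobile/Slider", out dirPath))
            {
                continue;
            }

            // Server-generated name: timestamp number + index in the request + extension.
            // The client-supplied name never reaches the file system.
            fileName = DT.getDateTimeNum() + iFile + fileExtension;
            string savePath = System.Web.HttpContext.Current.Request.MapPath(dirPath) + fileName;

            // NOTE(review): the file is written under the web-mapped directory before
            // its content is checked, and the check below is a substring deny-list,
            // not image validation. The upload directory should not be configured to
            // execute scripts; decoding and re-encoding the image would be a stronger
            // check -- confirm what the deployment provides.
            postedFile.SaveAs(savePath);

            bool isClean = false;
            try
            {
                string content;
                using (System.IO.StreamReader reader = new System.IO.StreamReader(savePath, System.Text.Encoding.Default))
                {
                    // Invariant lower-casing so marker matching does not vary with culture.
                    content = reader.ReadToEnd().ToLowerInvariant();
                }

                isClean = true;
                foreach (string marker in blockedMarkers.Split('|'))
                {
                    if (content.IndexOf(marker) != -1)
                    {
                        isClean = false;
                        break;
                    }
                }
            }
            finally
            {
                // Also runs when reading the file throws, so a file that could not be
                // checked is not left behind in the upload directory.
                if (!isClean)
                {
                    System.IO.File.Delete(savePath);
                }
            }

            if (!isClean)
            {
                continue;
            }

            BCW.MobileSlider.Model.MobileSlider model = new BCW.MobileSlider.Model.MobileSlider();
            model.url = dirPath + fileName;
            model.contentType = _contentType;
            model.param = _params;
            model.ptype = pType;
            new BCW.MobileSlider.BLL.MobileSlider().Add(model);

            // The newest row is fetched again and its sortid is set to its own id.
            // NOTE(review): the row is located with "id desc" rather than through the
            // value returned by Add; with concurrent uploads the newest row may belong
            // to another request -- confirm whether Add returns the new id.
            DataSet _ds = new BCW.MobileSlider.BLL.MobileSlider().GetList(1, "", "id desc");
            if (_ds.Tables[0].Rows.Count > 0)
            {
                int mid = int.Parse(_ds.Tables[0].Rows[0]["id"].ToString());
                BCW.MobileSlider.Model.MobileSlider _model2 = new BCW.MobileSlider.BLL.MobileSlider().GetModel(mid);
                _model2.sortid = _model2.id;
                new BCW.MobileSlider.BLL.MobileSlider().Update(_model2);
            }
        }
    }
    catch (System.Exception ex)
    {
        // Still best-effort: a failure stops the remaining files without surfacing to
        // the caller, but it is traced so rejected or failed uploads can be investigated.
        System.Diagnostics.Trace.TraceError("SaveFiles: upload processing aborted: " + ex);
    }
}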