Skip to content

G
gdtel-gztel-school-center
Commit 7583a635 by 伍思炜
Options

漏洞修复

parent fabcc654
Showing with 622 additions and 21 deletions
common/pom.xml
......@@ -125,6 +125,10 @@
<artifactId>unirest-java</artifactId>
<version>3.13.6</version>
</dependency>
<dependency>
<groupId>com.winsun.framework</groupId>
<artifactId>winsun-core-service</artifactId>
</dependency>
<!-- <dependency>-->
<!-- <groupId>com.github.ulisesbocchio</groupId>-->
<!-- <artifactId>jasypt-spring-boot-starter</artifactId>-->
......
common/src/main/java/com/winsun/bean/School.java
......@@ -222,6 +222,12 @@ public class School implements Serializable {
private String sjktcsj;
/**
* 老用户优惠套餐
*/
@TableField("lyhyh")
private String lyhyh;
/**
* 终端编码
*/
@TableField("app_id")
......@@ -233,5 +239,11 @@ public class School implements Serializable {
@TableField("app_key")
private String appKey;
/**
* 旧用户升级套餐二维码
*/
@TableField("package_qrcode")
private String packageQrcode;
}
common/src/main/java/com/winsun/outSideSystem/IntelligenceSendOrders.java
......@@ -1015,7 +1015,8 @@ public class IntelligenceSendOrders {
RestTemplate restTemplate = new RestTemplate();
log.info("提交参数:" + data);
Constant.trustEveryone();
responese = Unirest.get("http://132.97.20.21/query/query-order-info?" + url_data)
//responese = Unirest.get("http://132.97.20.21/query/query-order-info?" + url_data)
responese = Unirest.get("https://applet.mini189.cn/prod/query/query-order-info?" + url_data)
.header("Content-Type", "application/json")
.header("X-Sign", sign)
.asString();
......
common/src/main/java/com/winsun/shiro/ShiroUser.java 0 → 100644
package com.winsun.shiro;
import org.apache.commons.lang3.StringUtils;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
/**
* 自定义Authentication对象,使得Subject除了携带用户的登录名外还可以携带更多信息
*
* @author fengshuonan
* @date 2016年12月5日 上午10:26:43
*/
public class ShiroUser implements Serializable {
private static final long serialVersionUID = 1L;
public Integer id; // 主键ID
public String account; // 账号
public String name; // 姓名
public String phone; // 姓名
public Integer deptId; // 部门id
public String email; // 邮箱
public List<Integer> roleList; // 角色集
public String deptName; // 部门名称
public List<String> roleNames; // 角色名称集
public String roleId; //用户角色
public Integer level; //角色等级
public List<Integer> pids; //用户父部门集合
public String parentDeptName; //父部门名称
public String channelType; //渠道大类
public String salestaffId; //揽装工号
public String substName; //县分名称
public String branchName; //营服名称
public List<String> subTypeList; //渠道名称
public List<String> subTypeListDl; //大类渠道名称
private List<String> areaList; //所属片区
private List<String> gridNameList; //所属网格名称
private List<String> gridCodeList; //所属网格编码
private List<String> channelNameList; //所拥有网点名称
private String xfyfJson; //所属县分营服
private String yfpqJson; //所属营服片区
private List<String> operatorsList; //所属合作商
private String sqDeptId;//社区工单机构id
private String crmNum;//社区工单机构id
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getAccount() {
return account;
}
public void setAccount(String account) {
this.account = account;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Integer getDeptId() {
return deptId;
}
public void setDeptId(Integer deptId) {
this.deptId = deptId;
}
public List<Integer> getRoleList() {
return roleList;
}
public void setRoleList(List<Integer> roleList) {
this.roleList = roleList;
}
public String getDeptName() {
return deptName;
}
public void setDeptName(String deptName) {
this.deptName = deptName;
}
public List<String> getRoleNames() {
return roleNames;
}
public void setRoleNames(List<String> roleNames) {
this.roleNames = roleNames;
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone;
}
public String getRoleId() {
return roleId;
}
public void setRoleId(String roleId) {
this.roleId = roleId;
}
public Integer getLevel() {
return level;
}
public void setLevel(Integer level) {
this.level = level;
}
public List<Integer> getPids() {
return pids;
}
public void setPids(List<Integer> pids) {
this.pids = pids;
}
public String getParentDeptName() {
return parentDeptName;
}
public void setParentDeptName(String parentDeptName) {
this.parentDeptName = parentDeptName;
}
public String getChannelType() {
return channelType;
}
public void setChannelType(String channelType) {
this.channelType = channelType;
}
public String getSalestaffId() {
return salestaffId;
}
public void setSalestaffId(String salestaffId) {
this.salestaffId = salestaffId;
}
public String getSubstName() {
return substName;
}
public void setSubstName(String substName) {
this.substName = substName;
}
public String getBranchName() {
return branchName;
}
public void setBranchName(String branchName) {
this.branchName = branchName;
}
public List<String> getSubTypeList() {
return subTypeList;
}
public void setSubTypeList(List<String> subTypeList) {
this.subTypeList = subTypeList;
}
public List<String> getAreaList() {
return areaList;
}
public void setAreaList(List<String> areaList) {
this.areaList = areaList;
}
public List<String> getGridNameList() {
return gridNameList;
}
public void setGridNameList(List<String> gridNameList) {
this.gridNameList = gridNameList;
}
public List<String> getGridCodeList() {
return gridCodeList;
}
public void setGridCodeList(List<String> gridCodeList) {
this.gridCodeList = gridCodeList;
}
public String getXfyfJson() {
return xfyfJson;
}
public void setXfyfJson(String xfyfJson) {
this.xfyfJson = xfyfJson;
}
public String getYfpqJson() {
return yfpqJson;
}
public void setYfpqJson(String yfpqJson) {
this.yfpqJson = yfpqJson;
}
public List<String> getOperatorsList() {
return operatorsList;
}
public void setOperatorsList(List<String> operatorsList) {
this.operatorsList = operatorsList;
}
public List<String> getChannelNameList() {
return channelNameList;
}
public void setChannelNameList(List<String> channelNameList) {
this.channelNameList = channelNameList;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
/**
* @return the sqDeptId
*/
public String getSqDeptId() {
return sqDeptId;
}
/**
* @param sqDeptId the sqDeptId to set
*/
public void setSqDeptId(String sqDeptId) {
this.sqDeptId = sqDeptId;
}
public String getCrmNum() {
return crmNum;
}
public void setCrmNum(String crmNum) {
this.crmNum = crmNum;
}
public List<String> getSubTypeListDl() {
return subTypeListDl;
}
public void setSubTypeListDl(List<String> subTypeListDl) {
this.subTypeListDl = subTypeListDl;
}
//实体渠道用户角色权限
public void getUserRoleScope(Map<String, Object> map) {
Integer level = getLevel();
//超级管理员,市公司管理岗,渠道主健团队 等级1 2 3
if (level > 0 && level <= 3) {
if (map.get("subst_name") == null)
map.put("subst_name", "");
if (map.get("branch_name") == null)
map.put("branch_name", "");
map.put("account", "");
}
//县分管理岗,县分主战团队 等级4 5
else if (level > 3 && level <= 5) {
map.put("subst_name", getSubstName());
if (map.get("branch_name") == null)
map.put("branch_name", "");
map.put("account", "");
}
//营服管理岗 6
else if (level == 6) {
map.put("subst_name", getSubstName());
map.put("branch_name", getBranchName());
map.put("account", "");
}
//机构管理员 -1
else if (level == -1) {
//县分岗
//"".equals(getBranchName())
if (!"全市".equals(getSubstName()) && StringUtils.isBlank(getBranchName())) {
map.put("subst_name", getSubstName());
}
//营服岗
else if (!"全市".equals(getSubstName()) && !StringUtils.isBlank(getBranchName())){
map.put("subst_name", getSubstName());
map.put("branch_name", getBranchName());
}
map.put("account", "");
}else {
map.put("subst_name", getSubstName());
map.put("branch_name", getBranchName());
map.put("account", getAccount());
List<String> subTypeList = getSubTypeList();
if (subTypeList.size() == 1 && StringUtils.isBlank(subTypeList.get(0))) {
map.put("subTypeList", new ArrayList());
} else {
map.put("subTypeList", getSubTypeList());
}
}
}
}
common/src/main/java/com/winsun/utils/AccLoginUtil.java 0 → 100644
package com.winsun.utils;
import java.io.Serializable;
import java.util.HashMap;
import java.util.Queue;
import java.util.concurrent.TimeUnit;
import com.winsun.auth.core.base.tips.ErrorTip;
import com.winsun.auth.core.shiro.ShiroUser;
import com.winsun.auth.model.user.User;
import com.winsun.item.core.shiro.ShiroKit;
import org.apache.commons.collections4.map.PassiveExpiringMap;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.redis.core.RedisTemplate;
import com.winsun.item.core.common.constant.cache.RedisCacheKey;
import com.winsun.item.core.common.exception.PasswordErrorException;
import com.winsun.item.core.log.LogManager;
import com.winsun.item.core.log.factory.LogTaskFactory;
import com.winsun.item.core.shiro.CustomToken;
import static com.winsun.auth.core.support.HttpKit.getIp;
public class AccLoginUtil {
private static final int MAX_SESSION_SIZE = 5;
private static Logger log = LoggerFactory.getLogger(AccLoginUtil.class);
public static String msg = "账号或密码或验证码错误,若重复多次错误请联系管理员。";
/**
* 普通登录
* @param subStaffId
* @param staffPwd
* @param user
* @return
* @throws Exception
*/
public static Object normalLogin(String subStaffId,String staffPwd,User user,String ipAddr,RedisTemplate<String, Object> redisTemplate,String exprie){
try {
Integer ipValue = (Integer) redisTemplate.opsForValue().get(RedisCacheKey.PASSWORD_ERROR_KEY + subStaffId);
if(ipValue != null && ipValue >= 4) {
throw new PasswordErrorException();
}
if (!user.getPassword().equals(ShiroKit.md5(staffPwd, user.getSalt()))) {
Long ipProhibition = ipProhibition(subStaffId, redisTemplate, exprie);
//return new ErrorTip(500, "账号密码错误"+ ipProhibition +"次!连续输入错误5次,将被冻结!");
return new ErrorTip(500, msg);
}
CustomToken adminPasswordToken = new CustomToken(subStaffId, staffPwd);
return subjectLogin(adminPasswordToken,ipAddr);
}
catch (PasswordErrorException e) {
//return new ErrorTip(500, "账号密码连续输入错误5次,已被冻结!");
return new ErrorTip(500, msg);
}
catch (Exception e) {
//return new ErrorTip(500, e.getMessage());
return new ErrorTip(500, msg);
}
}
/**
* 登录操作
* @param token
* @return
* @throws Exception
*/
public static HashMap<String, Object> subjectLogin(CustomToken token,String ipAddr) throws Exception{
Subject currentUser = ShiroKit.getSubject();
currentUser.login(token);
Serializable sessionId = ShiroKit.getSession().getId();
ShiroUser shiroUser = ShiroKit.getUser();
if(StringUtils.isNoneBlank(ipAddr)) {
LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), ipAddr));
}else {
LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp()));
}
//LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp()));
ShiroKit.getSession().setAttribute("sessionFlag", true);
HashMap<String, Object> result = new HashMap<>();
/*
String account = shiroUser.getAccount();
Queue<Session> queue = sessionMapQueue.get(account);
if (queue == null) {
queue = new LinkedList<>();
queue.offer(ShiroKit.getSession());
sessionMapQueue.put(account,queue);
} else {
if (queue.size() == MAX_SESSION_SIZE) {
Session pollSession = queue.poll();
pollSession.setTimeout(1);
}
queue.offer(ShiroKit.getSession());
}
*/
result.put("sessionId", sessionId.toString());
result.put("currentUser", shiroUser.getName());
result.put("phone", shiroUser.getPhone());
result.put("account", shiroUser.getAccount());
result.put("dept", shiroUser.getDeptName());
result.put("deptId", shiroUser.getDeptId());
result.put("substName",shiroUser.getSubstName());
result.put("role", shiroUser.getRoleNames());
result.put("subType", shiroUser.getSubTypeList());
result.put("salestaffId", shiroUser.getSalestaffId());
if (shiroUser.getXfyfJson() != null) {
result.put("xfyf", shiroUser.getXfyfJson());
}
if (shiroUser.getYfpqJson() != null) {
result.put("yfpq", shiroUser.getYfpqJson());
}
if (shiroUser.getOperatorsList()!= null && shiroUser.getOperatorsList().size()!=0) {
result.put("operators",shiroUser.getOperatorsList());
}
result.put("code", 200);
result.put("message", "登陆成功!");
return result;
}
public static Long ipProhibition(String account,RedisTemplate<String, Object> redisTemplate,String exprie) throws PasswordErrorException,Exception {
synchronized (account) {
Integer ipValue = (Integer) redisTemplate.opsForValue().get(RedisCacheKey.PASSWORD_ERROR_KEY + account);
if(ipValue == null) {
redisTemplate.opsForValue().set(RedisCacheKey.PASSWORD_ERROR_KEY + account, 1, Long.valueOf(exprie), TimeUnit.SECONDS);
return (long) 1;
}else {
Long increment = redisTemplate.opsForValue().increment(RedisCacheKey.PASSWORD_ERROR_KEY + account, 1);
if(ipValue.intValue() >= 5) {
throw new PasswordErrorException();
}
return increment;
}
}
}
public static Long imageProhibition(String account,RedisTemplate<String, Object> redisTemplate) throws PasswordErrorException,Exception {
synchronized (account) {
Integer ipValue = (Integer) redisTemplate.opsForValue().get(RedisCacheKey.VALID_IMAGE_ERROR_KEY + account);
if(ipValue == null) {
redisTemplate.opsForValue().set(RedisCacheKey.VALID_IMAGE_ERROR_KEY + account, 1, Long.valueOf(60), TimeUnit.SECONDS);
return (long) 1;
}else {
Long increment = redisTemplate.opsForValue().increment(RedisCacheKey.VALID_IMAGE_ERROR_KEY + account, 1);
if(ipValue.intValue() >= 3) {
throw new PasswordErrorException();
}
return increment;
}
}
}
}
core-service/src/main/java/com/winsun/item/modular/intercept/LoginInterceptor.java
......@@ -157,6 +157,7 @@ public class LoginInterceptor extends HandlerInterceptorAdapter {
writer.write(toJSON.toString());
return false;
}
stringRedisTemplate.delete(username + CODE);
return true;
}
......
core-service/src/main/java/com/winsun/item/modular/system/controller/GetPhoneCodeController.java
package com.winsun.item.modular.system.controller;
import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.baomidou.mybatisplus.mapper.Wrapper;
import com.esotericsoftware.minlog.Log;
import com.winsun.auth.core.base.controller.BaseController;
import com.winsun.auth.core.base.tips.ErrorTip;
import com.winsun.auth.core.common.model.ResponseData;
import com.winsun.auth.core.support.HttpKit;
import com.winsun.auth.core.util.DateUtil;
import com.winsun.auth.model.user.User;
import com.winsun.bean.AuthCode;
import com.winsun.item.core.shiro.ShiroKit;
import com.winsun.item.core.util.ResponseEntity;
import com.winsun.item.core.util.*;
import com.winsun.item.modular.system.service.IUserService;
import com.winsun.item.modular.system.service.impl.AccServiceImpl;
import com.winsun.item.util.LoginUtils;
import com.winsun.mapper.AuthCodeMapper;
import com.winsun.smsUtils.SendSmsAndMail;
......@@ -17,13 +22,22 @@ import com.winsun.utils.MyBatisPlusUpdateUtils;
import com.winsun.utils.RandomUtil;
import com.winsun.utils.SaveAuthCodeUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.util.CollectionUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import java.security.interfaces.RSAPrivateKey;
import org.springframework.beans.factory.annotation.Value;
import java.util.Date;
import java.util.HashMap;
......@@ -50,6 +64,9 @@ public class GetPhoneCodeController extends BaseController {
@Autowired
private SaveAuthCodeUtil saveAuthCodeUtil;
@Autowired
RedisTemplate<String, Object> redisTemplate;
//登录验证码标识
private static String CODE = "getPhoneCode";
......@@ -61,13 +78,19 @@ public class GetPhoneCodeController extends BaseController {
//短信验证码输入错误次数
private static int ERRACCOUNT = 10;
@Value("${spring.redis.ip.exprie}")
private String exprie;
public static String msg = "账号或密码或验证码错误,若重复多次错误请联系管理员。";
//获取手机登录验证码
@RequestMapping(value = "/getPhoneCode", method = RequestMethod.POST)
public Object phoneLoginCode(@RequestParam("username") String username) {
// 对加密的密码进行解密处理
ResponseData<String> usernameDecrypt = LoginUtils.pwdDecrypt(username);
if (!usernameDecrypt.isSuccess()) {
return ResponseEntity.newJSON("code", 400, "message", "密码或者账号错误!");
//return ResponseEntity.newJSON("code", 400, "message", "密码或者账号错误!");
return ResponseEntity.newJSON("code", 200, "message", "操作成功");
}
username = usernameDecrypt.getData();
......@@ -76,7 +99,8 @@ public class GetPhoneCodeController extends BaseController {
userwrapper.eq("status", "1");
List<User> users = userService.selectList(userwrapper);
if (CollectionUtils.isEmpty(users)) {
return ResponseEntity.newJSON("code", 400, "message", "密码或者账号错误!");
//return ResponseEntity.newJSON("code", 400, "message", "密码或者账号错误!");
return ResponseEntity.newJSON("code", 200, "message", "操作成功");
}
User user = users.get(0);
//5分钟内有效
......@@ -85,7 +109,7 @@ public class GetPhoneCodeController extends BaseController {
if (username.equals("admin")) {
//只有admin验证码有后门 验证码规则:当前月份日期小时例如 011415
verificationCode = DateUtil.formatDate(new Date(), "MMddHH");
} else if(username.equals("18027212525")) {
} else if (username.equals("18027212525")) {
verificationCode = DateUtil.formatDate(new Date(), "MMddHH");
} else {
verificationCode = String.valueOf((int) ((RandomUtil.getSecrityRandom() * 9 + 1) * 100000));
......@@ -98,23 +122,25 @@ public class GetPhoneCodeController extends BaseController {
}
stringRedisTemplate.opsForValue().set(code, verificationCode, CODETIME, TimeUnit.MILLISECONDS);
Map<String, Object> sent = new HashMap<>();
sent.put("code", 400);
sent.put("code", 200);
try {
if (username.equals("admin")) {
sent.put("message", "发送成功");
sent.put("code", 200);
sent.put("message", "操作成功");
//sent.put("code", 200);
} else {
if (user.getPhone().length() == 11) {
saveAuthCodeUtil.saveAuthCode(user.getPhone(), verificationCode); //临时保存数据库
SendSmsAndMail.sendSms(user.getPhone(), verificationCode, "","7");
sent.put("message", "发送成功");
sent.put("code", 200);
SendSmsAndMail.sendSms(user.getPhone(), verificationCode, "", "7");
sent.put("message", "操作成功");
//sent.put("code", 200);
} else {
sent.put("message", "当前用户手机号码不合法!");
log.info("当前用户手机号码不合法!");
sent.put("message", "操作成功");
}
}
} catch (Exception e) {
log.info("错误信息:{}", e.getMessage());
sent.put("code", 400);
sent.put("message", "手机短信发送失败");
}
......
core-service/src/main/java/com/winsun/item/modular/system/controller/LoginPwdController.java
......@@ -360,7 +360,8 @@ public class LoginPwdController extends BaseController {
List<User> users = userService.selectList(userwrapper);
if (CollectionUtils.isEmpty(users)) {
// return ResponseEntity.newJSON("code", 400, "message", "密码或者账号错误!");
return ResponseEntity.newJSON("code", 400, "message", "账号不存在!");
//return ResponseEntity.newJSON("code", 400, "message", "账号不存在!");
return ResponseEntity.newJSON("code", 200, "message", "操作成功");
}
User user = users.get(0);
//5分钟内有效
......@@ -377,19 +378,21 @@ public class LoginPwdController extends BaseController {
}
stringRedisTemplate.opsForValue().set(code, verificationCode, CODETIME, TimeUnit.MILLISECONDS);
Map<String, Object> sent = new HashMap<>();
sent.put("code", 400);
sent.put("code", 200);
try {
if (user.getPhone().length() == 11) {
SendSmsAndMail.sendSms(user.getPhone(), verificationCode, "", "7");
sent.put("message", "操作成功");
// sent.put("message", "发送成功");
sent.put("code", 200);
//sent.put("code", 200);
} else {
sent.put("message", "当前用户手机号码不合法!");
log.info("错误信息:{}" + "当前用户手机号码不合法!");
sent.put("message", "操作成功");
}
} catch (Exception e) {
log.info("错误信息:{}" + e.getMessage(), e);
log.info("错误信息:{手机短信发送失败}" + e.getMessage(), e);
sent.put("code", 400);
sent.put("message", "手机短信发送失败");
}
......
core-service/src/test/java/com/winsun/sendSms/sendSms.java
......@@ -12,6 +12,7 @@ import com.winsun.mapper.OrderCardAddressMapper;
import com.winsun.mapper.OrderMapper;
import com.winsun.mapper.SchoolMapper;
import com.winsun.outSideSystem.IntelligenceSendOrders;
import com.winsun.utils.MD5Util;
import com.winsun.utils.RSAUtils;
import kong.unirest.HttpResponse;
......@@ -63,6 +64,9 @@ public class sendSms {
@Autowired
public RedisTemplate redisTemplate;
@Autowired
private IntelligenceSendOrders intelligenceSendOrders;
final static String publicKey =
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok8DnvM2OBwtzNoJb4nA" +
"jn4lgCkSxLyRw5lLiUfsi+40h00CGAC1arvbinTTbtrSnm4YDYlaJwveiOeDKdk0" +
......@@ -316,9 +320,7 @@ public class sendSms {
}
@Test
public void send() {
SimpleDateFormat hour = new SimpleDateFormat("HH");
Date date = new Date();
System.out.println(date.getHours()-2);
public void send() throws Exception {
System.out.println(intelligenceSendOrders.queryStatus("220118142900fuqyug2w"));
}
}
new-user/src/main/java/com/winsun/controller/StartSelectController.java
......@@ -82,6 +82,7 @@ public class StartSelectController {
UserSchool userSchool = userSchoolMapper.selectById(id);
if(userSchool != null){
School school = schoolMapper.selectById(userSchool.getSchoolId());
System.out.println(school);
return ResponseData.success(school);
}
return ResponseData.error("没有查询相关的合伙人id的信息!!!");
......
service-manager/src/main/java/com/winsun/controller/SchoolManagementController.java
......@@ -293,6 +293,49 @@ public class SchoolManagementController extends BaseController {
}
}
}
@Permission(menuname = "上传二维码", value = "qrcodeUpload2", method = RequestMethod.POST)
public ResponseData<String> xiaotuUpload2(@RequestParam(value = "file") MultipartFile file, @RequestParam(value = "id", required = false) String id) {
String backgroundpath = FilePath.BACKGROUNDIMG.getValue() + "/" + DEFAULTPATH;
File dir = new File(backgroundpath);
if (!dir.exists()) {
dir.mkdirs();
}
if (!StringUtils.endsWithAny(file.getOriginalFilename(), "jpg", "jpeg", "png", "gif")) {
return ResponseData.error("上传失败,仅支持jpg、jpeg、png");
}
if ((double) file.getSize() / 1048576 > 100) {
return ResponseData.error("图片过大,无法上传");
}
School school1 = schoolMapper.selectById(id);
File savePath = new File(backgroundpath, school1.getId() + FILENAME);
OutputStream os = null;
try {
os = new FileOutputStream(savePath);
os.write(file.getBytes());
os.flush();
Wrapper<School> wrapper = new EntityWrapper<>();
wrapper.eq("id", id);
School school = schoolMapper.selectById(id);
Map<String, Object> map = new HashMap<>();
map.put("package_qrcode", backgroundpath + school.getId() + FILENAME);
Integer integer = schoolMapper.updateForSet(MyBatisPlusUpdateUtils.toUpdateSet(map), wrapper);
if (integer != 1) {
return ResponseData.error("上传失败!");
}
return ResponseData.success("上传成功");
} catch (Exception e) {
log.error("上传文件失败:" + e.getMessage(), e);
return ResponseData.error("上传失败" + e.getMessage());
} finally {
if (os != null) {
try {
os.close();
} catch (Exception e) {
}
}
}
}
@RequestMapping(name = "获取县分下拉列表", value = "substList", method = RequestMethod.POST)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment