| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166 |
- package org.jeecg.common.util.filter;
- import org.apache.commons.lang3.StringUtils;
- import org.springframework.web.multipart.MultipartFile;
- import java.io.InputStream;
- import java.util.HashMap;
- import java.util.Iterator;
- import java.util.regex.Matcher;
- import java.util.regex.Pattern;
- /**
- * @Description: TODO
- * @author: lsq
- * @date: 2021年08月09日 15:29
- */
- public class FileTypeFilter {
- //文件后缀
- private static String[] forbidType = {"jsp","php"};
- // 初始化文件头类型,不够的自行补充
- final static HashMap<String, String> fileTypeMap = new HashMap<>();
- static {
- fileTypeMap.put("3c25402070616765206c", "jsp");
- fileTypeMap.put("3c3f7068700a0a2f2a2a0a202a205048", "php");
- /* fileTypeMap.put("ffd8ffe000104a464946", "jpg");
- fileTypeMap.put("89504e470d0a1a0a0000", "png");
- fileTypeMap.put("47494638396126026f01", "gif");
- fileTypeMap.put("49492a00227105008037", "tif");
- fileTypeMap.put("424d228c010000000000", "bmp");
- fileTypeMap.put("424d8240090000000000", "bmp");
- fileTypeMap.put("424d8e1b030000000000", "bmp");
- fileTypeMap.put("41433130313500000000", "dwg");
- fileTypeMap.put("3c21444f435459504520", "html");
- fileTypeMap.put("3c21646f637479706520", "htm");
- fileTypeMap.put("48544d4c207b0d0a0942", "css");
- fileTypeMap.put("696b2e71623d696b2e71", "js");
- fileTypeMap.put("7b5c727466315c616e73", "rtf");
- fileTypeMap.put("38425053000100000000", "psd");
- fileTypeMap.put("46726f6d3a203d3f6762", "eml");
- fileTypeMap.put("d0cf11e0a1b11ae10000", "doc");
- fileTypeMap.put("5374616E64617264204A", "mdb");
- fileTypeMap.put("252150532D41646F6265", "ps");
- fileTypeMap.put("255044462d312e350d0a", "pdf");
- fileTypeMap.put("2e524d46000000120001", "rmvb");
- fileTypeMap.put("464c5601050000000900", "flv");
- fileTypeMap.put("00000020667479706d70", "mp4");
- fileTypeMap.put("49443303000000002176", "mp3");
- fileTypeMap.put("000001ba210001000180", "mpg");
- fileTypeMap.put("3026b2758e66cf11a6d9", "wmv");
- fileTypeMap.put("52494646e27807005741", "wav");
- fileTypeMap.put("52494646d07d60074156", "avi");
- fileTypeMap.put("4d546864000000060001", "mid");
- fileTypeMap.put("504b0304140000000800", "zip");
- fileTypeMap.put("526172211a0700cf9073", "rar");
- fileTypeMap.put("235468697320636f6e66", "ini");
- fileTypeMap.put("504b03040a0000000000", "jar");
- fileTypeMap.put("4d5a9000030000000400", "exe");
- fileTypeMap.put("3c25402070616765206c", "jsp");
- fileTypeMap.put("4d616e69666573742d56", "mf");
- fileTypeMap.put("3c3f786d6c2076657273", "xml");
- fileTypeMap.put("494e5345525420494e54", "sql");
- fileTypeMap.put("7061636b616765207765", "java");
- fileTypeMap.put("406563686f206f66660d", "bat");
- fileTypeMap.put("1f8b0800000000000000", "gz");
- fileTypeMap.put("6c6f67346a2e726f6f74", "properties");
- fileTypeMap.put("cafebabe0000002e0041", "class");
- fileTypeMap.put("49545346030000006000", "chm");
- fileTypeMap.put("04000000010000001300", "mxp");
- fileTypeMap.put("504b0304140006000800", "docx");
- fileTypeMap.put("6431303a637265617465", "torrent");
- fileTypeMap.put("6D6F6F76", "mov");
- fileTypeMap.put("FF575043", "wpd");
- fileTypeMap.put("CFAD12FEC5FD746F", "dbx");
- fileTypeMap.put("2142444E", "pst");
- fileTypeMap.put("AC9EBD8F", "qdf");
- fileTypeMap.put("E3828596", "pwl");
- fileTypeMap.put("2E7261FD", "ram");*/
- }
- /**
- * @param fileName
- * @return String
- * @description 通过文件后缀名获取文件类型
- */
- private static String getFileTypeBySuffix(String fileName) {
- return fileName.substring(fileName.lastIndexOf(".") + 1, fileName.length());
- }
- /**
- * 文件类型过滤
- *
- * @param file
- */
- public static void fileTypeFilter(MultipartFile file) throws Exception {
- String suffix = getFileType(file);
- for (String type : forbidType) {
- if (type.contains(suffix)) {
- throw new Exception("上传失败,文件类型异常:" + suffix);
- }
- }
- }
- /**
- * 通过读取文件头部获得文件类型
- *
- * @param file
- * @return 文件类型
- * @throws Exception
- */
- private static String getFileType(MultipartFile file) throws Exception {
- String fileExtendName = null;
- InputStream is;
- try {
- //is = new FileInputStream(file);
- is = file.getInputStream();
- byte[] b = new byte[10];
- is.read(b, 0, b.length);
- String fileTypeHex = String.valueOf(bytesToHexString(b));
- Iterator<String> keyIter = fileTypeMap.keySet().iterator();
- while (keyIter.hasNext()) {
- String key = keyIter.next();
- // 验证前5个字符比较
- if (key.toLowerCase().startsWith(fileTypeHex.toLowerCase().substring(0, 5))
- || fileTypeHex.toLowerCase().substring(0, 5).startsWith(key.toLowerCase())) {
- fileExtendName = fileTypeMap.get(key);
- break;
- }
- }
- // 如果不是上述类型,则判断扩展名
- if (StringUtils.isBlank(fileExtendName)) {
- String fileName = file.getOriginalFilename();
- return getFileTypeBySuffix(fileName);
- }
- is.close();
- return fileExtendName;
- } catch (Exception exception) {
- throw new Exception(exception.getMessage(), exception);
- }
- }
- /**
- * 获得文件头部字符串
- *
- * @param src
- * @return
- */
- private static String bytesToHexString(byte[] src) {
- StringBuilder stringBuilder = new StringBuilder();
- if (src == null || src.length <= 0) {
- return null;
- }
- for (int i = 0; i < src.length; i++) {
- int v = src[i] & 0xFF;
- String hv = Integer.toHexString(v);
- if (hv.length() < 2) {
- stringBuilder.append(0);
- }
- stringBuilder.append(hv);
- }
- return stringBuilder.toString();
- }
- }
|
