合并代码

2 years ago · 0f6f519ac1
3 changed files with 43 additions and 26 deletions
--- a/24Hour/Controllers/Common/CommonController.cs
+++ b/24Hour/Controllers/Common/CommonController.cs
@ -1,6 +1,7 @@
 using AutoMapper;
 using com.sun.org.apache.xalan.@internal.xsltc.runtime;
 using com.sun.tools.@internal.xjc.api;
 using com.sun.xml.@internal.ws.developer;
 using Elight.Entity;
 using Elight.Entity.SystemModel;
 using Elight.Logic;
@ -13,14 +14,17 @@ using java.util;
 using javax.smartcardio;
 using javax.xml.crypto;
 using jdk.nashorn.@internal.ir;
 using MathNet.Numerics.LinearAlgebra;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using NPOI.SS.Formula.Functions;
 using Quartz.Logging;
 using SqlSugar;
 using sun.security.x509;
 using System.Drawing.Printing;
 using System.Security.AccessControl;
 using static com.sun.tools.@internal.xjc.reader.xmlschema.bindinfo.BIConversion;
 using static javax.jws.soap.SOAPBinding;
 using static sun.font.LayoutPathImpl;
 using User = Elight.Utility.User;
@ -2739,19 +2743,34 @@ namespace _24Hour.Controllers.Common
        #endregion
        #region 文件上传
        /// <summary>
        /// 通用文件下载接口
        /// </summary>
        /// <param name="filename"></param>
        /// <returns></returns>
        [HttpGet]
        [Route("RequestDownloadFile")]
        public IActionResult RequestDownloadFile(string filename) //[FromBody] dynamic Json
        {
-            var FileName = System.IO.Path.GetFileName(filename);
+            if (System.IO.File.Exists(filename))
-            var currentDate = DateTime.Now;
+            {
-
+                filename = filename.Replace(@"\\",@"\");
-            var FilePath = filename;
+                var data = System.IO.Path.Combine(Environment.CurrentDirectory, "wwwroot");
-
+                if (filename.Contains(data)==false)
-            return new FileStreamResult(new FileStream(FilePath, FileMode.Open), "application/octet-stream") { FileDownloadName = FileName };
+                {
                    return BadRequest();
                }
                var FileName = System.IO.Path.GetFileName(filename);
                var FilePath = filename;
                return new FileStreamResult(new FileStream(FilePath, FileMode.Open), "application/octet-stream") { FileDownloadName = FileName };
            }
            else
            {
                return BadRequest();
            }
        }
-        private string[] AllowedExtensions = new string[] { ".png", ".jpg", ".jpeg", ".bmp",".xlsx",".aks"};
+        private readonly string[] AllowedExtensions = new string[] { ".png", ".jpg", ".jpeg", ".bmp", ".xlsx", ".aks" };
        /// <summary>
        /// 文件上传--附件
        /// <param name="file"></param>
@ -2777,16 +2796,13 @@ namespace _24Hour.Controllers.Common
                    var fname = $@"{file.FileName}";
                    var hzname = $"{Path.GetExtension(fname)}";
-
+                  
                    if (AllowedExtensions.Contains(hzname.ToLower()) == false)
                    {
                        outParm.IsSucceed = false;
                        outParm.Message = "不被允许的文件格式!";
                        return Json(outParm);
                    }
                    var _path = Path.Combine("CaseFile", "card", DateTime.Now.ToString("yyyy-MM-dd"));
                    var dic = Path.Combine(Environment.CurrentDirectory, "wwwroot", _path);
@ -2832,10 +2848,10 @@ namespace _24Hour.Controllers.Common
        [Route("GetImageFile")]
        public async Task<Result> GetImageFile(string file)
        {
-    
+
            Result result = new Result();
            var urlpath = file.Replace("/", @"\");
-            var path = Path.Combine(Environment.CurrentDirectory, "wwwroot"+urlpath);
+            var path = Path.Combine(Environment.CurrentDirectory, "wwwroot" + urlpath);
            if (System.IO.File.Exists(path))
            {
                var str = Elight.Utility.Encrypt.DataEncryption.Decryptiones(path);
@ -2888,7 +2904,7 @@ namespace _24Hour.Controllers.Common
                });
                result.IsSucceed = true;
                result.result = data;
-             
+
            }
            catch
            {
--- a/24Hour/Controllers/LoginController.cs
+++ b/24Hour/Controllers/LoginController.cs
@ -512,7 +512,7 @@ namespace _24Hour.Controllers
                        _db.BeginTran();
                        data.audit = 2;
                        data.describe = "";
-                        data.photo = "/CaseFile/resource/headicon.png";
+                        data.photo = "/CaseFile/resource/headicon.aks";
                        data.name = UserModel.name;
                        data.sex = UserModel.sex;
                        data.phone = UserModel.phone;
@ -554,7 +554,7 @@ namespace _24Hour.Controllers
                        UserModel.audit = 2;
                        if (string.IsNullOrEmpty(UserModel.photo))
                        {
-                            UserModel.photo = "/CaseFile/resource/headicon.png";
+                            UserModel.photo = "/CaseFile/resource/headicon.aks";
                        }
                        //Ä¬ÈÏÃÜÂë
                        UserModel.Password = Elight.Utility.Encrypt.Md5.Encrypt32($"{UserModel.Password}").ToLower();
@ -598,7 +598,7 @@ namespace _24Hour.Controllers
                    if (string.IsNullOrEmpty(UserModel.photo))
                    {
-                        UserModel.photo = "/CaseFile/resource/headicon.png";
+                        UserModel.photo = "/CaseFile/resource/headicon.aks";
                    }
                    var num = await _db.Insertable(UserModel).ExecuteCommandAsync();
                    _db.CommitTran();
--- a/24Hour/WechatMessagerClient.cs
+++ b/24Hour/WechatMessagerClient.cs
@ -2,6 +2,7 @@
 using com.sun.xml.@internal.xsom;
 using Elight.Utility;
 using Elight.Utility.Code;
 using Elight.Utility.Encrypt;
 using Elight.Utility.Extensions;
 using java.lang.annotation;
 using java.util;
@ -9,6 +10,7 @@ using Microsoft.IdentityModel.Logging;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
 using System.Runtime.Caching;
 using System.Security.Cryptography;
 using static java.security.cert.CertPathValidatorException;
 namespace _24Hour
@ -56,15 +58,14 @@ namespace _24Hour
            httpCliet.DefaultRequestHeaders.ConnectionClose = true;
            _configuration = configuration;
-            appid = $"{configuration.GetSection("Wechat:appid").Value}";
+            appid =AES.Decrypt( $"{configuration.GetSection("Wechat:appid").Value}");
-            secret = $"{configuration.GetSection("Wechat:secret").Value}";
+            secret = AES.Decrypt($"{configuration.GetSection("Wechat:secret").Value}");
-            secid = $"{configuration.GetSection("Wechat:secid").Value}";
+            secid = AES.Decrypt($"{configuration.GetSection("Wechat:secid").Value}");
-            Gzhappid = $"{configuration.GetSection("WechatGzh:appid").Value}";
+            Gzhappid = AES.Decrypt($"{configuration.GetSection("WechatGzh:appid").Value}");
-            Gzhsecret = $"{configuration.GetSection("WechatGzh:secret").Value}";
+            Gzhsecret = AES.Decrypt($"{configuration.GetSection("WechatGzh:secret").Value}");
-            GzhtemplateId = $"{configuration.GetSection("WechatGzh:templateId").Value}"; 
+            GzhtemplateId = AES.Decrypt($"{configuration.GetSection("WechatGzh:templateId").Value}");
-            TemplateIdSuccess = $"{configuration.GetSection("Wechat:templateIdSuccess").Value}";
+            TemplateIdSuccess = AES.Decrypt($"{configuration.GetSection("Wechat:templateIdSuccess").Value}");
-            TemplateIdFail = $"{configuration.GetSection("Wechat:templateIdFail").Value}";
+            TemplateIdFail = AES.Decrypt($"{configuration.GetSection("Wechat:templateIdFail").Value}");
            TemplateIdFail = $"{configuration.GetSection("Wechat:templateIdFail").Value}";
        }
        //小程序获取openId
        public async Task<Result> GetOpenId(string code)