EasyAdmin上传文件漏洞

 默认的上传没有 mime头验证,会有被人上传脚本的风险;

   /**
     * 上传文件 \app\admin\controller\Ajax.php
     */
    public function upload()
    {
        $data = [
            ‘upload_type‘ => $this->request->post(‘upload_type‘),
            ‘file‘        => $this->request->file(‘file‘),
        ];
        $uploadConfig = sysconfig(‘upload‘);
        empty($data[‘upload_type‘]) && $data[‘upload_type‘] = $uploadConfig[‘upload_type‘];
        $rule = [
            ‘upload_type|指定上传类型有误‘ => "in:{$uploadConfig[‘upload_allow_type‘]}",
            // ‘file|文件‘              => "require|file|fileExt:{$uploadConfig[‘upload_allow_ext‘]}|fileSize:{$uploadConfig[‘upload_allow_size‘]}",
            ‘file|文件‘              => "require|file|fileExt:{$uploadConfig[‘upload_allow_ext‘]}|fileMime:{$uploadConfig[‘upload_allow_mime‘]}|fileSize:{$uploadConfig[‘upload_allow_size‘]}",
        ];
        $this->validate($data, $rule);
        try {
            $upload = Uploadfile::instance()
                ->setUploadType($data[‘upload_type‘])
                ->setUploadConfig($uploadConfig)
                ->setFile($data[‘file‘])
                ->save();
        } catch (\Exception $e) {
            $this->error($e->getMessage());
        }
        if ($upload[‘save‘] == true) {
            $this->success($upload[‘msg‘], [‘url‘ => $upload[‘url‘]]);
        } else {
            $this->error($upload[‘msg‘]);
        }
    }

 

旧的上传只是验证文件后缀,容易被hacker 利用上传test.php.jpg 增加mime 头判断增强上传 文件的格式验证;

注意:增加后需要在配置文件中,配置相关的 mime文件头;

 

文章来源:刘俊涛的博客欢迎关注公众号、留言、评论,一起学习。

__________________________________________________________________________________

若有帮助到您,欢迎点击推荐,您的支持是对我坚持最好的肯定(*^_^*)

EasyAdmin上传文件漏洞

上一篇:html标签默认样式整理


下一篇:前端JS知识