环境

2 days ago · afc87ef32c
parent 995de3fa42
commit afc87ef32c
3 changed files with 53 additions and 16 deletions
--- a/app/Http/Controllers/Api/H5UploadController.php
+++ b/app/Http/Controllers/Api/H5UploadController.php
@ -3,17 +3,18 @@
 namespace App\Http\Controllers\Api;

 use App\Http\Controllers\Concerns\EnsuresPublicDiskWritable;
+use App\Http\Controllers\Concerns\StoresPublicUploadWithoutFileinfo;
 use App\Http\Controllers\Controller;
 use App\Models\WechatUser;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Log;
-use Illuminate\Support\Facades\Storage;
 use Throwable;

 class H5UploadController extends Controller
 {
    use EnsuresPublicDiskWritable;
+    use StoresPublicUploadWithoutFileinfo;

    public function store(Request $request): JsonResponse
    {
@ -36,12 +37,12 @@ class H5UploadController extends Controller
        }

        $data = $request->validate([
-            'file' => ['required', 'file', 'max:5120', 'mimes:jpg,jpeg,png,gif,webp'],
+            // mimes 内部用 guessExtension()，依赖 fileinfo；extensions 仅看客户端扩展名
+            'file' => ['required', 'file', 'max:5120', 'extensions:jpg,jpeg,png,gif,webp'],
        ]);

        try {
-            Storage::disk('public')->makeDirectory('uploads/h5');
-            $path = Storage::disk('public')->putFile('uploads/h5', $data['file']);
+            $path = $this->storeUploadedFileAsUniqueName($data['file'], 'uploads/h5');
        } catch (Throwable $e) {
            report($e);
            Log::error('h5_upload_putfile_failed', [
@ -62,7 +63,7 @@ class H5UploadController extends Controller

            return response()->json([
                'message' => '文件保存失败（写入返回失败）',
-                'detail' => config('app.debug') ? 'Storage::putFile 返回 false' : null,
+                'detail' => config('app.debug') ? 'Storage::putFileAs 返回 false' : null,
            ], 500);
        }

--- a/app/Http/Controllers/Api/UploadController.php
+++ b/app/Http/Controllers/Api/UploadController.php
@ -3,16 +3,17 @@
 namespace App\Http\Controllers\Api;

 use App\Http\Controllers\Concerns\EnsuresPublicDiskWritable;
+use App\Http\Controllers\Concerns\StoresPublicUploadWithoutFileinfo;
 use App\Http\Controllers\Controller;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Log;
-use Illuminate\Support\Facades\Storage;
 use Throwable;

 class UploadController extends Controller
 {
    use EnsuresPublicDiskWritable;
+    use StoresPublicUploadWithoutFileinfo;

    public function store(Request $request): JsonResponse
    {
@ -38,8 +39,7 @@ class UploadController extends Controller
        ]);

        try {
-            Storage::disk('public')->makeDirectory('uploads');
-            $path = Storage::disk('public')->putFile('uploads', $data['file']);
+            $path = $this->storeUploadedFileAsUniqueName($data['file'], 'uploads');
        } catch (Throwable $e) {
            report($e);
            Log::error('upload_putfile_failed', [
@ -64,18 +64,12 @@ class UploadController extends Controller
            ], 500);
        }

-        try {
-            $mime = $data['file']->getMimeType()
-                ?: $data['file']->getClientMimeType()
-                ?: 'application/octet-stream';
-        } catch (Throwable) {
-            $mime = 'application/octet-stream';
-        }
+        $mime = self::jsonSafeString($this->mimeForUploadResponse($data['file']));

        return response()->json([
            'path' => $path,
            'url' => url('/storage/'.str_replace('\\', '/', $path)),
-            'mime' => self::jsonSafeString($mime),
+            'mime' => $mime,
            'size' => $data['file']->getSize(),
        ]);
    }
--- a/app/Http/Controllers/Concerns/StoresPublicUploadWithoutFileinfo.php
+++ b/app/Http/Controllers/Concerns/StoresPublicUploadWithoutFileinfo.php
@ -0,0 +1,42 @@
+<?php
+
+namespace App\Http\Controllers\Concerns;
+
+use Illuminate\Http\UploadedFile;
+use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Str;
+
+/**
+ * 避免依赖 PHP fileinfo 扩展：putFile() 会用 hashName()->guessExtension()，会触发 finfo。
+ */
+trait StoresPublicUploadWithoutFileinfo
+{
+    protected function storeUploadedFileAsUniqueName(UploadedFile $file, string $directory): string|false
+    {
+        $ext = strtolower($file->getClientOriginalExtension());
+        $name = Str::uuid()->toString();
+        if ($ext !== '') {
+            $name .= '.'.$ext;
+        }
+
+        Storage::disk('public')->makeDirectory($directory);
+
+        return Storage::disk('public')->putFileAs($directory, $file, $name);
+    }
+
+    /** 无 fileinfo 时仅用客户端声明的 MIME，避免调用 getMimeType() */
+    protected function mimeForUploadResponse(UploadedFile $file): string
+    {
+        if (class_exists(\finfo::class)) {
+            try {
+                return $file->getMimeType()
+                    ?: $file->getClientMimeType()
+                    ?: 'application/octet-stream';
+            } catch (\Throwable) {
+                // fallthrough
+            }
+        }
+
+        return $file->getClientMimeType() ?: 'application/octet-stream';
+    }
+}