更改为绝对路径后,就可以将上传的文件放在网站项目之外,对安全性和负载平衡有很大用处。 1、修改config.json: 主要修改的是各类型的访问路径前缀。
/* 前后端通信相关的配置,注释只允许使用多行方式 */ { /* 上传图片配置项 */ "imageActionName": "uploadimage", /* 执行上传图片的action名称 */ "imageFieldName": "upfile", /* 提交的图片表单名称 */ "imageMaxSize": 2048000, /* 上传大小限制,单位B */ "imageAllowFiles": [".png", ".jpg", ".jpeg", ".gif", ".bmp"], /* 上传图片格式显示 */ "imageCompressEnable": true, /* 是否压缩图片,默认是true */ "imageCompressBorder": 1600, /* 图片压缩最长边限制 */ "imageInsertAlign": "none", /* 插入的图片浮动方式 */ "imageUrlPrefix": "", /*"/Scripts/ueditor-utf8-net/net/", /* 图片访问路径前缀 */ "imagePathFormat": "upload/image/{yyyy}{mm}{dd}/{time}{rand:6}", /* 上传保存路径,可以自定义保存路径和文件名格式 */ /* {filename} 会替换成原文件名,配置这项需要注意中文乱码问题 */ /* {rand:6} 会替换成随机数,后面的数字是随机数的位数 */ /* {time} 会替换成时间戳 */ /* {yyyy} 会替换成四位年份 */ /* {yy} 会替换成两位年份 */ /* {mm} 会替换成两位月份 */ /* {dd} 会替换成两位日期 */ /* {hh} 会替换成两位小时 */ /* {ii} 会替换成两位分钟 */ /* {ss} 会替换成两位秒 */ /* 非法字符 \ : * ? " < > | */ /* 具请体看线上文档: fex.baidu.com/ueditor/#use-format_upload_filename */ /* 涂鸦图片上传配置项 */ "scrawlActionName": "uploadscrawl", /* 执行上传涂鸦的action名称 */ "scrawlFieldName": "upfile", /* 提交的图片表单名称 */ "scrawlPathFormat": "upload/image/{yyyy}{mm}{dd}/{time}{rand:6}", /* 上传保存路径,可以自定义保存路径和文件名格式 */ "scrawlMaxSize": 2048000, /* 上传大小限制,单位B */ "scrawlUrlPrefix":"", /* "/Scripts/ueditor-utf8-net/net/", /* 图片访问路径前缀 */ "scrawlInsertAlign": "none", /* 截图工具上传 */ "snapscreenActionName": "uploadimage", /* 执行上传截图的action名称 */ "snapscreenPathFormat": "upload/image/{yyyy}{mm}{dd}/{time}{rand:6}", /* 上传保存路径,可以自定义保存路径和文件名格式 */ "snapscreenUrlPrefix": "", /*"/Scripts/ueditor-utf8-net/net/", /* 图片访问路径前缀 */ "snapscreenInsertAlign": "none", /* 插入的图片浮动方式 */ /* 抓取远程图片配置 */ "catcherLocalDomain": ["127.0.0.1", "localhost", "img.baidu.com"], "catcherActionName": "catchimage", /* 执行抓取远程图片的action名称 */ "catcherFieldName": "source", /* 提交的图片列表表单名称 */ "catcherPathFormat": "upload/image/{yyyy}{mm}{dd}/{time}{rand:6}", /* 上传保存路径,可以自定义保存路径和文件名格式 */ "catcherUrlPrefix": "", /*"/Scripts/ueditor-utf8-net/net/", /* 图片访问路径前缀 */ "catcherMaxSize": 2048000, /* 上传大小限制,单位B */ "catcherAllowFiles": [".png", ".jpg", ".jpeg", ".gif", ".bmp"], /* 抓取图片格式显示 */ /* 上传视频配置 */ "videoActionName": "uploadvideo", /* 执行上传视频的action名称 */ "videoFieldName": "upfile", /* 提交的视频表单名称 */ "videoPathFormat": "upload/video/{yyyy}{mm}{dd}/{time}{rand:6}", /* 上传保存路径,可以自定义保存路径和文件名格式 */ "videoUrlPrefix": "", /*"/Scripts/ueditor-utf8-net/net/", /* 视频访问路径前缀 */ "videoMaxSize": 102400000, /* 上传大小限制,单位B,默认100MB */ "videoAllowFiles": [ ".flv", ".swf", ".mkv", ".avi", ".rm", ".rmvb", ".mpeg", ".mpg", ".ogg", ".ogv", ".mov", ".wmv", ".mp4", ".webm", ".mp3", ".wav", ".mid"], /* 上传视频格式显示 */ /* 上传文件配置 */ "fileActionName": "uploadfile", /* controller里,执行上传视频的action名称 */ "fileFieldName": "upfile", /* 提交的文件表单名称 */ "filePathFormat": "upload/file/{yyyy}{mm}{dd}/{time}{rand:6}", /* 上传保存路径,可以自定义保存路径和文件名格式 */ "fileUrlPrefix": "", /*"/Scripts/ueditor-utf8-net/net/", /* 文件访问路径前缀 */ "fileMaxSize": 51200000, /* 上传大小限制,单位B,默认50MB */ "fileAllowFiles": [ ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".flv", ".swf", ".mkv", ".avi", ".rm", ".rmvb", ".mpeg", ".mpg", ".ogg", ".ogv", ".mov", ".wmv", ".mp4", ".webm", ".mp3", ".wav", ".mid", ".rar", ".zip", ".tar", ".gz", ".7z", ".bz2", ".cab", ".iso", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".pdf", ".txt", ".md", ".xml" ], /* 上传文件格式显示 */ /* 列出指定目录下的图片 */ "imageManagerActionName": "listimage", /* 执行图片管理的action名称 */ "imageManagerListPath": "upload/image", /* 指定要列出图片的目录 */ "imageManagerListSize": 20, /* 每次列出文件数量 */ "imageManagerUrlPrefix": "", /*"/Scripts/ueditor-utf8-net/net/", /* 图片访问路径前缀 */ "imageManagerInsertAlign": "none", /* 插入的图片浮动方式 */ "imageManagerAllowFiles": [".png", ".jpg", ".jpeg", ".gif", ".bmp"], /* 列出的文件类型 */ /* 列出指定目录下的文件 */ "fileManagerActionName": "listfile", /* 执行文件管理的action名称 */ "fileManagerListPath": "upload/file", /* 指定要列出文件的目录 */ "fileManagerUrlPrefix": "", /*"/Scripts/ueditor-utf8-net/net/",/* 文件访问路径前缀 */ "fileManagerListSize": 20, /* 每次列出文件数量 */ "fileManagerAllowFiles": [ ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".flv", ".swf", ".mkv", ".avi", ".rm", ".rmvb", ".mpeg", ".mpg", ".ogg", ".ogv", ".mov", ".wmv", ".mp4", ".webm", ".mp3", ".wav", ".mid", ".rar", ".zip", ".tar", ".gz", ".7z", ".bz2", ".cab", ".iso", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".pdf", ".txt", ".md", ".xml" ] /* 列出的文件类型 */ }2、修改controller.ashx: baseurl 是主项目web.config中的上传路径配置
<%@ WebHandler Language="C#" Class="UEditorHandler" %> using System; using System.Web; using System.IO; using System.Collections; using Newtonsoft.Json; public class UEditorHandler : IHttpHandler { public void ProcessRequest(HttpContext context) { string baseurl = System.Configuration.ConfigurationManager.AppSettings["UploadPath"]; Handler action = null; switch (context.Request["action"]) { case "config": action = new ConfigHandler(context); break; case "uploadimage": action = new UploadHandler(context, new UploadConfig() { AllowExtensions = Config.GetStringList("imageAllowFiles"), PathFormat = baseurl + "/" + Config.GetString("imagePathFormat"), SizeLimit = Config.GetInt("imageMaxSize"), UploadFieldName = Config.GetString("imageFieldName") }); break; case "uploadscrawl": action = new UploadHandler(context, new UploadConfig() { AllowExtensions = new string[] { ".png" }, PathFormat = baseurl + "/" + Config.GetString("scrawlPathFormat"), SizeLimit = Config.GetInt("scrawlMaxSize"), UploadFieldName = Config.GetString("scrawlFieldName"), Base64 = true, Base64Filename = "scrawl.png" }); break; case "uploadvideo": action = new UploadHandler(context, new UploadConfig() { AllowExtensions = Config.GetStringList("videoAllowFiles"), PathFormat = baseurl + "/" + Config.GetString("videoPathFormat"), SizeLimit = Config.GetInt("videoMaxSize"), UploadFieldName = Config.GetString("videoFieldName") }); break; case "uploadfile": action = new UploadHandler(context, new UploadConfig() { AllowExtensions = Config.GetStringList("fileAllowFiles"), PathFormat = baseurl + "/" + Config.GetString("filePathFormat"), SizeLimit = Config.GetInt("fileMaxSize"), UploadFieldName = Config.GetString("fileFieldName") }); break; case "listimage": action = new ListFileManager(context, baseurl + "/" + Config.GetString("imageManagerListPath"), Config.GetStringList("imageManagerAllowFiles")); break; case "listfile": action = new ListFileManager(context, baseurl + "/" + Config.GetString("fileManagerListPath"), Config.GetStringList("fileManagerAllowFiles")); break; case "catchimage": action = new CrawlerHandler(context); break; default: action = new NotSupportedHandler(context); break; } action.Process(); } public bool IsReusable { get { return false; } } }3、修改UploadHandler.cs
去掉Server.MapPath,返回路径前加”/dbc/getfile?url=” ,这是个取文件返回的action
public override void Process() { byte[] uploadFileBytes = null; string uploadFileName = null; if (UploadConfig.Base64) { uploadFileName = UploadConfig.Base64Filename; uploadFileBytes = Convert.FromBase64String(Request[UploadConfig.UploadFieldName]); } else { var file = Request.Files[UploadConfig.UploadFieldName]; uploadFileName = file.FileName; if (!CheckFileType(uploadFileName)) { Result.State = UploadState.TypeNotAllow; WriteResult(); return; } if (!CheckFileSize(file.ContentLength)) { Result.State = UploadState.SizeLimitExceed; WriteResult(); return; } uploadFileBytes = new byte[file.ContentLength]; try { file.InputStream.Read(uploadFileBytes, 0, file.ContentLength); } catch (Exception) { Result.State = UploadState.NetworkError; WriteResult(); } } Result.OriginFileName = uploadFileName; var savePath = PathFormatter.Format(uploadFileName, UploadConfig.PathFormat); var localPath = savePath;// Server.MapPath(savePath); try { if (!Directory.Exists(Path.GetDirectoryName(localPath))) { Directory.CreateDirectory(Path.GetDirectoryName(localPath)); } File.WriteAllBytes(localPath, uploadFileBytes); Result.Url = "/dbc/getfile?url=" + savePath.Substring(baseurl.Length); Result.State = UploadState.Success; } catch (Exception e) { Result.State = UploadState.FileAccessError; Result.ErrorMessage = e.Message; } finally { WriteResult(); } }4、修改ListFileHandler.cs 同上
public override void Process() { try { Start = String.IsNullOrEmpty(Request["start"]) ? 0 : Convert.ToInt32(Request["start"]); Size = String.IsNullOrEmpty(Request["size"]) ? Config.GetInt("imageManagerListSize") : Convert.ToInt32(Request["size"]); } catch (FormatException) { State = ResultState.InvalidParam; WriteResult(); return; } var buildingList = new List<String>(); try { var localPath = PathToList;// Server.MapPath(PathToList); buildingList.AddRange(Directory.GetFiles(localPath, "*", SearchOption.AllDirectories) .Where(x => SearchExtensions.Contains(Path.GetExtension(x).ToLower())) .Select(x => PathToList + x.Substring(localPath.Length).Replace("\\", "/"))); for (int i = 0; i < buildingList.Count; i++) { string str = buildingList[i]; buildingList[i] = "/dbc/getfile?url=" + str.Substring(baseurl.Length); } Total = buildingList.Count; FileList = buildingList.OrderBy(x => x).Skip(Start).Take(Size).ToArray(); } catch (UnauthorizedAccessException) { State = ResultState.AuthorizError; } catch (DirectoryNotFoundException) { State = ResultState.PathNotFound; } catch (IOException) { State = ResultState.IOError; } finally { WriteResult(); } }5、获取文件的action
public FileResult GetFile(string url) { var path = System.Configuration.ConfigurationManager.AppSettings["UploadPath"] + url; var filename = Path.GetFileName(path); return File(path, "application/octet-stream", filename); }