productDev/dingyuannongji.git

2026-03-23 6cfc2e4258089c953b67054229170c1178585590

小程序   接口开发

已修改2个文件

	server/dmmall_service/src/main/java/com/doumee/service/business/impl/CommentServiceImpl.java	29 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	server/dmmall_web/src/main/java/com/doumee/api/common/PublicController.java	51 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史

 server/dmmall_service/src/main/java/com/doumee/service/business/impl/CommentServiceImpl.java

@@ -1,5 +1,7 @@
package com.doumee.service.business.impl;

import cn.binarywang.wx.miniapp.bean.security.WxMaMsgSecCheckCheckRequest;
import cn.binarywang.wx.miniapp.bean.security.WxMaMsgSecCheckCheckResponse;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
@@ -12,6 +14,7 @@
import com.doumee.core.model.PageWrap;
import com.doumee.core.utils.Constants;
import com.doumee.core.utils.Utils;
import com.doumee.core.wx.WxMiniConfig;
import com.doumee.dao.business.*;
import com.doumee.dao.business.model.*;
import com.doumee.dao.web.dto.CommentDTO;
@@ -22,6 +25,7 @@
import com.doumee.service.business.CommentService;
import com.doumee.service.business.ZanService;
import com.github.yulichang.wrapper.MPJLambdaWrapper;
import me.chanjar.weixin.common.error.WxErrorException;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
@@ -67,6 +71,26 @@

    @Override
    public Comment apply(CommentApplyRequest comment, Integer memberId) {
        if (StringUtils.isNotBlank(comment.getContent())) {
            try {
                WxMaMsgSecCheckCheckRequest checkRequest = WxMaMsgSecCheckCheckRequest.builder()
                        .version("2")
                        .scene(3)
                        .openid(getMemberOpenId(memberId))
                        .content(comment.getContent())
                        .build();
                WxMaMsgSecCheckCheckResponse checkResponse = WxMiniConfig.wxMaService.getSecurityService().checkMessage(checkRequest);
                if (checkResponse.getResult() != null && checkResponse.getResult().getSuggest() != null) {
                    String suggest = checkResponse.getResult().getSuggest();
                    if ("risky".equalsIgnoreCase(suggest)) {
                        throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(), "评论内容包含违规信息，请修改后重新发布");
                    }
                }
            } catch (WxErrorException e) {
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(), "内容安全检测失败，请稍后重试");
            }
        }

        Comment target = new Comment();
        target.setCreateDate(new Date());
        target.setEditDate(new Date());
@@ -408,4 +432,9 @@
        });
        return PageData.from(result);
    }

    private String getMemberOpenId(Integer memberId) {
        Member member = memberMapper.selectById(memberId);
        return member != null ? member.getOpenId() : null;
    }
}

 server/dmmall_web/src/main/java/com/doumee/api/common/PublicController.java

@@ -7,11 +7,13 @@
import com.doumee.core.utils.Constants;
import com.doumee.core.utils.DateUtil;
import com.doumee.core.utils.aliyun.ALiYunUtil;
import com.doumee.core.wx.WxMiniConfig;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import me.chanjar.weixin.common.error.WxErrorException;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
@@ -23,6 +25,7 @@

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
@@ -98,17 +101,14 @@
            MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request;
            Iterator<String> it = multipartRequest.getFileNames();
            while (it.hasNext()) {
                MultipartFile file = multipartRequest.getFile((String) it.next());// file
                // multipartRequest.getFile((String)
                // it.next());
                MultipartFile file = multipartRequest.getFile((String) it.next());
                if (file != null) {
                    // 1、上传到服务器临时文件夹
                    String uploadFileName = file.getOriginalFilename();
                    String originname = uploadFileName;
                    if (originname.lastIndexOf("/") >= 0) {
                        originname = originname.substring(originname.lastIndexOf("/") + 1);
                    }
                    String nfix = "";// 后缀名
                    String nfix = "";
                    if (StringUtils.isNotBlank(uploadFileName)) {
                        nfix = uploadFileName.substring(uploadFileName.lastIndexOf("."));
                    }
@@ -122,14 +122,36 @@
                        context.put("message", "对不起，文件格式\".dll\"上传有误！");
                        return;
                    }
                    String nowDate = DateUtil.getNowShortDate();// 当前时间（年月日）

                    if (isImageFile(nfix)) {
                        File tempFile = null;
                        try {
                            tempFile = File.createTempFile("wx_check_", nfix);
                            java.io.FileOutputStream fos = new java.io.FileOutputStream(tempFile);
                            fos.write(file.getBytes());
                            fos.close();
                            boolean isSafe = WxMiniConfig.wxMaService.getSecurityService().checkImage(tempFile);
                            if (!isSafe) {
                                context.put("code", 4001);
                                context.put("message", "图片内容不合规，请更换图片后重试");
                                writerJson(response, context);
                                return;
                            }
                        } catch (WxErrorException e) {
                            log.warn("微信图片安全检测失败: {}", e.getMessage());
                        } finally {
                            if (tempFile != null && tempFile.exists()) {
                                tempFile.delete();
                            }
                        }
                    }

                    String nowDate = DateUtil.getNowShortDate();
                    String fileName = UUID.randomUUID().toString() + nfix;
                    String tempFileName = nowDate + "/" + fileName;
                    String key = folder + tempFileName;// 文件名
                    String key = folder + tempFileName;
                    ALiYunUtil obs = new ALiYunUtil(endpoint,access_id, access_key);
                    if (obs.uploadOnlineObject(file.getInputStream(),bucketName, key,null)) {
                        // 移动成功,返回文件名
                        // sendSuccessMessage(response, resourcePath+key);
                        context.put("success", true);
                        context.put("code", 200);
                        context.put("errno",0);
@@ -143,7 +165,6 @@
                        writerJson(response, context);
                        return;
                    } else {
                        // 移动失败
                        context.put("code", 0);
                        context.put("message", "上传失败");
                        writerJson(response, context);
@@ -160,6 +181,16 @@
        return;
    }

    private boolean isImageFile(String suffix) {
        if (StringUtils.isBlank(suffix)) {
            return false;
        }
        String lowerSuffix = suffix.toLowerCase();
        return lowerSuffix.equals(".jpg") || lowerSuffix.equals(".jpeg") 
            || lowerSuffix.equals(".png") || lowerSuffix.equals(".gif") 
            || lowerSuffix.equals(".bmp") || lowerSuffix.equals(".webp");
    }

    public static void writerJson(HttpServletResponse response, Object object) {
        response.setContentType("application/json");
        writer(response, JSONObject.toJSONString(object));

			@@ -1,5 +1,7 @@
			package com.doumee.service.business.impl;

			import cn.binarywang.wx.miniapp.bean.security.WxMaMsgSecCheckCheckRequest;
			import cn.binarywang.wx.miniapp.bean.security.WxMaMsgSecCheckCheckResponse;
			import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
			import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
			import com.baomidou.mybatisplus.core.metadata.IPage;
			@@ -12,6 +14,7 @@
			import com.doumee.core.model.PageWrap;
			import com.doumee.core.utils.Constants;
			import com.doumee.core.utils.Utils;
			import com.doumee.core.wx.WxMiniConfig;
			import com.doumee.dao.business.*;
			import com.doumee.dao.business.model.*;
			import com.doumee.dao.web.dto.CommentDTO;
			@@ -22,6 +25,7 @@
			import com.doumee.service.business.CommentService;
			import com.doumee.service.business.ZanService;
			import com.github.yulichang.wrapper.MPJLambdaWrapper;
			import me.chanjar.weixin.common.error.WxErrorException;
			import org.apache.commons.collections4.MapUtils;
			import org.apache.commons.lang3.StringUtils;
			import org.apache.shiro.SecurityUtils;
			@@ -67,6 +71,26 @@

			@Override
			public Comment apply(CommentApplyRequest comment, Integer memberId) {
			if (StringUtils.isNotBlank(comment.getContent())) {
			try {
			WxMaMsgSecCheckCheckRequest checkRequest = WxMaMsgSecCheckCheckRequest.builder()
			.version("2")
			.scene(3)
			.openid(getMemberOpenId(memberId))
			.content(comment.getContent())
			.build();
			WxMaMsgSecCheckCheckResponse checkResponse = WxMiniConfig.wxMaService.getSecurityService().checkMessage(checkRequest);
			if (checkResponse.getResult() != null && checkResponse.getResult().getSuggest() != null) {
			String suggest = checkResponse.getResult().getSuggest();
			if ("risky".equalsIgnoreCase(suggest)) {
			throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(), "评论内容包含违规信息，请修改后重新发布");
			}
			}
			} catch (WxErrorException e) {
			throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(), "内容安全检测失败，请稍后重试");
			}
			}

			Comment target = new Comment();
			target.setCreateDate(new Date());
			target.setEditDate(new Date());
			@@ -408,4 +432,9 @@
			});
			return PageData.from(result);
			}

			private String getMemberOpenId(Integer memberId) {
			Member member = memberMapper.selectById(memberId);
			return member != null ? member.getOpenId() : null;
			}
			}

			@@ -7,11 +7,13 @@
			import com.doumee.core.utils.Constants;
			import com.doumee.core.utils.DateUtil;
			import com.doumee.core.utils.aliyun.ALiYunUtil;
			import com.doumee.core.wx.WxMiniConfig;
			import io.swagger.annotations.Api;
			import io.swagger.annotations.ApiImplicitParam;
			import io.swagger.annotations.ApiImplicitParams;
			import io.swagger.annotations.ApiOperation;
			import lombok.extern.slf4j.Slf4j;
			import me.chanjar.weixin.common.error.WxErrorException;
			import org.apache.commons.lang3.StringUtils;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.web.bind.annotation.PostMapping;
			@@ -23,6 +25,7 @@

			import javax.servlet.http.HttpServletRequest;
			import javax.servlet.http.HttpServletResponse;
			import java.io.File;
			import java.io.IOException;
			import java.io.PrintWriter;
			import java.util.HashMap;
			@@ -98,17 +101,14 @@
			MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request;
			Iterator<String> it = multipartRequest.getFileNames();
			while (it.hasNext()) {
			MultipartFile file = multipartRequest.getFile((String) it.next());// file
			// multipartRequest.getFile((String)
			// it.next());
			MultipartFile file = multipartRequest.getFile((String) it.next());
			if (file != null) {
			// 1、上传到服务器临时文件夹
			String uploadFileName = file.getOriginalFilename();
			String originname = uploadFileName;
			if (originname.lastIndexOf("/") >= 0) {
			originname = originname.substring(originname.lastIndexOf("/") + 1);
			}
			String nfix = "";// 后缀名
			String nfix = "";
			if (StringUtils.isNotBlank(uploadFileName)) {
			nfix = uploadFileName.substring(uploadFileName.lastIndexOf("."));
			}
			@@ -122,14 +122,36 @@
			context.put("message", "对不起，文件格式\".dll\"上传有误！");
			return;
			}
			String nowDate = DateUtil.getNowShortDate();// 当前时间（年月日）

			if (isImageFile(nfix)) {
			File tempFile = null;
			try {
			tempFile = File.createTempFile("wx_check_", nfix);
			java.io.FileOutputStream fos = new java.io.FileOutputStream(tempFile);
			fos.write(file.getBytes());
			fos.close();
			boolean isSafe = WxMiniConfig.wxMaService.getSecurityService().checkImage(tempFile);
			if (!isSafe) {
			context.put("code", 4001);
			context.put("message", "图片内容不合规，请更换图片后重试");
			writerJson(response, context);
			return;
			}
			} catch (WxErrorException e) {
			log.warn("微信图片安全检测失败: {}", e.getMessage());
			} finally {
			if (tempFile != null && tempFile.exists()) {
			tempFile.delete();
			}
			}
			}

			String nowDate = DateUtil.getNowShortDate();
			String fileName = UUID.randomUUID().toString() + nfix;
			String tempFileName = nowDate + "/" + fileName;
			String key = folder + tempFileName;// 文件名
			String key = folder + tempFileName;
			ALiYunUtil obs = new ALiYunUtil(endpoint,access_id, access_key);
			if (obs.uploadOnlineObject(file.getInputStream(),bucketName, key,null)) {
			// 移动成功,返回文件名
			// sendSuccessMessage(response, resourcePath+key);
			context.put("success", true);
			context.put("code", 200);
			context.put("errno",0);
			@@ -143,7 +165,6 @@
			writerJson(response, context);
			return;
			} else {
			// 移动失败
			context.put("code", 0);
			context.put("message", "上传失败");
			writerJson(response, context);
			@@ -160,6 +181,16 @@
			return;
			}

			private boolean isImageFile(String suffix) {
			if (StringUtils.isBlank(suffix)) {
			return false;
			}
			String lowerSuffix = suffix.toLowerCase();
			return lowerSuffix.equals(".jpg") \|\| lowerSuffix.equals(".jpeg")
			\|\| lowerSuffix.equals(".png") \|\| lowerSuffix.equals(".gif")
			\|\| lowerSuffix.equals(".bmp") \|\| lowerSuffix.equals(".webp");
			}

			public static void writerJson(HttpServletResponse response, Object object) {
			response.setContentType("application/json");
			writer(response, JSONObject.toJSONString(object));