From d3401f5189172c4df281a65fb74bde66a53697e5 Mon Sep 17 00:00:00 2001
From: candc <1063675311@qq.com>
Date: Wed, 13 May 2026 12:05:53 +0800
Subject: [PATCH] fix: improve article and form security checks

---
 .../ucenter/ArticleUCenterController.java | 17 ++++++++++++-----
 .../form/controller/front/FormController.java | 10 ++++++++++
 2 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/module-article/module-article-web/src/main/java/io/jpress/module/article/controller/ucenter/ArticleUCenterController.java b/module-article/module-article-web/src/main/java/io/jpress/module/article/controller/ucenter/ArticleUCenterController.java
index f5c6f6115..8f0c3d505 100644
--- a/module-article/module-article-web/src/main/java/io/jpress/module/article/controller/ucenter/ArticleUCenterController.java
+++ b/module-article/module-article-web/src/main/java/io/jpress/module/article/controller/ucenter/ArticleUCenterController.java
@@ -169,14 +169,21 @@ public class ArticleUCenterController extends UcenterControllerBase {
 article.setUserId(getLoginedUser().getId());
 if (!getLoginedUser().isStatusOk()) {
- renderJson(Ret.fail().set("message", "当前脏话未激活,无法投稿。"));
+ renderJson(Ret.fail().set("message", "当前账号未激活,无法投稿。"));
 return;
 }
- if (article.getId() != null && notLoginedUserModel(article)) {
- renderJson(Ret.fail().set("message", "非法操作"));
- return;
+ if (article.getId() != null) {
+ Article dbArticle = articleService.findById(article.getId());
+ if (dbArticle == null || notLoginedUserModel(dbArticle)) {
+ renderJson(Ret.fail().set("message", "非法操作"));
+ return;
+ }
+ if (dbArticle.isNormal()) {
+ renderJson(Ret.fail().set("message", "非法操作"));
+ return;
+ }
 }
 if (!validateSlug(article)) {
@@ -277,4 +284,4 @@ public class ArticleUCenterController extends UcenterControllerBase {
 renderJson(commentService.delete(comment) ? OK : FAIL);
 }
-}
\ No newline at end of file
+}
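Review bot: The `dbArticle.isNormal()` guard stops a user from editing an article that is already in the normal (presumably published) state, but the submitted `article` still carries whatever status the form posted and the hunk does not show that status being reset before the save; if the save path later in this method persists it, an author could move their own draft into the normal state through this endpoint, so confirm that the status is forced server-side (the method continues outside the hunk). Separately, both rejection branches return the same `非法操作` response and can be folded into one condition, `if (dbArticle == null || notLoginedUserModel(dbArticle) || dbArticle.isNormal())`, unless the published case is meant to get its own message so the author learns why the edit was refused. A one-line comment above the lookup, `// authorise against the stored row, not the posted model, so the client cannot choose the owner`, would record why `findById` was introduced here.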
diff --git a/module-form/module-form-web/src/main/java/io/jpress/module/form/controller/front/FormController.java b/module-form/module-form-web/src/main/java/io/jpress/module/form/controller/front/FormController.java
index d51ec8290..bc87a9716 100644
--- a/module-form/module-form-web/src/main/java/io/jpress/module/form/controller/front/FormController.java
+++ b/module-form/module-form-web/src/main/java/io/jpress/module/form/controller/front/FormController.java
@@ -77,6 +77,16 @@ public class FormController extends TemplateControllerBase {
 files = getFiles();
 }
+ if (files != null) {
+ for (UploadFile uploadFile : files) {
+ if (AttachmentUtils.isUnSafe(uploadFile.getFile())) {
+ deleteFiles(files);
+ renderJson(Ret.fail().set("message", "不支持此类文件上传"));
+ return;
+ }
+ }
+ }
 CaptchaVO captchaVO = getBean(CaptchaVO.class);
 //进行前端滑块 参数验证
-- 
Gitee
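Review bot: The `AttachmentUtils.isUnSafe` check runs only after `getFiles()` has returned, and by that point the multipart parser has presumably already written each part to the upload directory, so a rejected file sits on disk until `deleteFiles(files)` runs; if that directory is served statically, the window between write and delete is what matters, and saving uploads to a non-served staging location (or checking the part before it is persisted) would close it — the enclosing method starts and ends outside this hunk, so the save path is not visible here. The loop also gives no hint of what `isUnSafe` inspects; a comment such as `// reject attachments the upload policy forbids before any form data is processed` at the `if (files != null)` line would help the next reader, adjusted to what the helper actually checks. If the project targets Java 8 or later, the nested loop reads more directly as `boolean hasUnsafe = files.stream().map(UploadFile::getFile).anyMatch(AttachmentUtils::isUnSafe);` followed by a single delete-and-reject branch.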