From eb2b30418848bf1206fad54559cda9d4636bed88 Mon Sep 17 00:00:00 2001 From: erik1110 Date: Tue, 23 Jan 2024 20:43:23 +0800 Subject: [PATCH 1/2] [feat] check fileExtension --- src/features/image/image.service.ts | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/features/image/image.service.ts b/src/features/image/image.service.ts index 3a1a7f6..b3c7598 100644 --- a/src/features/image/image.service.ts +++ b/src/features/image/image.service.ts @@ -10,9 +10,14 @@ export class ImageService { async uploadImage(file): Promise { const maxSize = 3 * 1024 * 1024; // 3 MB in bytes + const allowedExtensions = ['png', 'jpg', 'jpeg', 'webp']; if (file.size > maxSize) { throw new AppError(HttpStatus.BAD_REQUEST, 'UserError', '超過 3 MB'); } + const fileExtension = file.name.split('.').pop()?.toLowerCase(); + if (!fileExtension || !allowedExtensions.includes(fileExtension)) { + throw new AppError(HttpStatus.BAD_REQUEST, 'UserError', '不支援的檔案格式'); + } const storage = this.firebaseService.getStorageInstance(); const bucket = storage.bucket(); const encodedOriginalName = encodeURIComponent(file.originalname); From 28eab300833d760883e231d20f91e6a4dbe2aad5 Mon Sep 17 00:00:00 2001 From: erik1110 Date: Wed, 24 Jan 2024 09:43:08 +0800 Subject: [PATCH 2/2] [fix] fix updateCulinary --- src/features/culinary/culinary.service.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/features/culinary/culinary.service.ts b/src/features/culinary/culinary.service.ts index 97e11b9..ee34b14 100644 --- a/src/features/culinary/culinary.service.ts +++ b/src/features/culinary/culinary.service.ts @@ -55,7 +55,7 @@ export class CulinaryService { title: updateCulinaryDto.title, description: updateCulinaryDto.description, diningTime: updateCulinaryDto.diningTime, - image: updateCulinaryDto.description, + image: updateCulinaryDto.image, creator: req['user']._id, }, {