il y a 8 mois · 0bfb60f3ac
--- a/src/admin/file_manage_control.php
+++ b/src/admin/file_manage_control.php
@@ -69,6 +69,10 @@ else if ($fmdo == "upload") {
        }
        $upfile = ${$upfile};
        $upfile_name = ${$upfile_name};
        if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml)$#i', trim($upfile_name))) {
            ShowMsg("文件扩展名已被系统禁止", "javascript:;");
            exit();
        }
        if (is_uploaded_file($upfile)) {
            //检查文件类型
            $mime = get_mime_type($upfile);