2 роки тому · d63e63d986
--- a/crmeb/app/adminapi/controller/v1/setting/SystemCrud.php
+++ b/crmeb/app/adminapi/controller/v1/setting/SystemCrud.php
@@ -85,6 +85,10 @@ class SystemCrud extends AuthController
 
				             ['deleteField', []],//删除的表字段
			
 
				         ]);
			
 
				 
			
 
				+        if (!preg_match('/^[\x{4e00}-\x{9fa5}a-zA-Z]+$/u', $data['menuName'])) return app('json')->fail('菜单名称只能是中文或者英文');
			
 
				+        if (!preg_match('/^[\x{4e00}-\x{9fa5}a-zA-Z]+$/u', $data['modelName'])) return app('json')->fail('模块名称只能是中文或者英文');
			
 
				+        if (!preg_match('/^[a-zA-Z_]+$/u', $data['tableName'])) return app('json')->fail('表名称只能是英文和下划线组成');
			
 
				+
			
 
				         $fromField = $searchField = $hasOneField = $columnField = $tableIndex = [];
			
 
				 
			
 
				         $dictionaryids = array_column($data['tableField'], 'dictionary_id');
			
--- a/crmeb/app/services/system/attachment/SystemAttachmentServices.php
+++ b/crmeb/app/services/system/attachment/SystemAttachmentServices.php
@@ -256,6 +256,7 @@ class SystemAttachmentServices extends BaseServices
 
				         if (isset($pathinfo['extension']) && !in_array($pathinfo['extension'], ['avi', 'mp4', 'wmv', 'rm', 'mpg', 'mpeg', 'mov', 'flv', 'swf'])) {
			
 
				             throw new AdminException(400558);
			
 
				         }
			
 
				+        $data['chunkNumber'] = (int)$data['chunkNumber'];
			
 
				         $public_dir = app()->getRootPath() . 'public';
			
 
				         $dir = '/uploads/attach/' . date('Y') . DIRECTORY_SEPARATOR . date('m') . DIRECTORY_SEPARATOR . date('d');
			
 
				         $all_dir = $public_dir . $dir;