修复本地上传未限制文件格式的BUG

@@ -49,7 +49,7 @@ class Ajax extends Backend
         $file = $this->request->file('file');
         if (empty($file))
         {
-            $this->error("未上传文件或超出服务器上传限制");
+            $this->error(__('No file upload or server upload limit exceeded'));
         }
 
         //判断是否已经存在附件
@@ -64,6 +64,14 @@ class Ajax extends Backend
         $fileInfo = $file->getInfo();
         $suffix = strtolower(pathinfo($fileInfo['name'], PATHINFO_EXTENSION));
         $suffix = $suffix ? $suffix : 'file';
+
+        $mimetypeArr = explode(',', $upload['mimetype']);
+        $typeArr = explode('/', $fileInfo['type']);
+        //验证文件后缀
+        if ($upload['mimetype'] !== '*' && !in_array($suffix, $mimetypeArr) && !in_array($fileInfo['type'], $mimetypeArr) && !in_array($typeArr[0] . '/*', $mimetypeArr))
+        {
+            $this->error(__('Uploaded file format is limited'));
+        }
         $replaceArr = [
             '{year}'     => date("Y"),
             '{mon}'      => date("m"),
@@ -110,7 +118,7 @@ class Ajax extends Backend
             $attachment->data(array_filter($params));
             $attachment->save();
             \think\Hook::listen("upload_after", $attachment);
-            $this->success('上传成功', null, [
+            $this->success(__('Upload successful'), null, [
                 'url' => $uploadDir . $splInfo->getSaveName()
             ]);
         }

+<?php
+
+return [
+    'No file upload or server upload limit exceeded' => '未上传文件或超出服务器上传限制',
+    'Uploaded file format is limited'                => '上传文件格式受限制',
+    'Upload successful'                              => '上传成功',
+];

@@ -37,17 +37,15 @@ class Ajax extends Frontend
      */
     public function upload()
     {
+        Config::set('default_return_type', 'json');
         $file = $this->request->file('file');
+        if (empty($file))
+        {
+            $this->error(__('No file upload or server upload limit exceeded'));
+        }
 
         //判断是否已经存在附件
         $sha1 = $file->hash();
-        $uploaded = model("attachment")->where('sha1', $sha1)->find();
-        if ($uploaded)
-        {
-            $this->success('', null, [
-                'url' => $uploaded['url']
-            ]);
-        }
 
         $upload = Config::get('upload');
 
@@ -58,6 +56,14 @@ class Ajax extends Frontend
         $fileInfo = $file->getInfo();
         $suffix = strtolower(pathinfo($fileInfo['name'], PATHINFO_EXTENSION));
         $suffix = $suffix ? $suffix : 'file';
+
+        $mimetypeArr = explode(',', $upload['mimetype']);
+        $typeArr = explode('/', $fileInfo['type']);
+        //验证文件后缀
+        if ($upload['mimetype'] !== '*' && !in_array($suffix, $mimetypeArr) && !in_array($fileInfo['type'], $mimetypeArr) && !in_array($typeArr[0] . '/*', $mimetypeArr))
+        {
+            $this->error(__('Uploaded file format is limited'));
+        }
         $replaceArr = [
             '{year}'     => date("Y"),
             '{mon}'      => date("m"),
@@ -97,10 +103,14 @@ class Ajax extends Frontend
                 'mimetype'    => $fileInfo['type'],
                 'url'         => $uploadDir . $splInfo->getSaveName(),
                 'uploadtime'  => time(),
+                'storage'     => 'local',
                 'sha1'        => $sha1,
             );
-            model("attachment")->create(array_filter($params));
-            $this->success('', null, [
+            $attachment = model("attachment");
+            $attachment->data(array_filter($params));
+            $attachment->save();
+            \think\Hook::listen("upload_after", $attachment);
+            $this->success(__('Upload successful'), null, [
                 'url' => $uploadDir . $splInfo->getSaveName()
             ]);
         }

+<?php
+
+return [
+    'No file upload or server upload limit exceeded' => '未上传文件或超出服务器上传限制',
+    'Uploaded file format is limited'                => '上传文件格式受限制',
+    'Upload successful'                              => '上传成功',
+];