修改文件crmeb/crmeb/services/upload/storage/Local.php增加下面代码
$stream = fopen($fileHandle->getPathname(), 'r');
$content = (fread($stream, filesize($fileHandle->getPathname())));
if (is_resource($stream)) {
fclose($stream);
}
if (preg_match('/think|php|log|phar|Socket|Channel|Flysystem|Psr6Cache|Cached|Request|debug|Psr6Cachepool|eval/i', $content)) {
return $this->setError('文件内容不合法');
}