diff --git a/library/think/App.php b/library/think/App.php index 3c5f81f0..297f8ae5 100644 --- a/library/think/App.php +++ b/library/think/App.php @@ -551,6 +551,11 @@ class App // 获取控制器名 $controller = strip_tags($result[1] ?: $config['default_controller']); + + if (!preg_match('/^[A-Za-z](\w)*$/', $controller)) { + throw new HttpException(404, 'controller not exists:' . $controller); + } + $controller = $convert ? strtolower($controller) : $controller; // 获取操作名