fix Arbitrary file upload vuln

server/Application/Home/Controller/PageController.class.php

@@ -147,7 +147,7 @@ class PageController extends BaseController {
         }else{
             $upload = new \Think\Upload();// 实例化上传类
             $upload->maxSize  = 3145728 ;// 设置附件上传大小
-            $upload->allowExts  = array('jpg', 'gif', 'png', 'jpeg');// 设置附件上传类型
+            $upload->exts  = array('jpg', 'gif', 'png', 'jpeg');// 设置附件上传类型
             $upload->rootPath = './Public/Uploads/';// 设置附件上传目录
             $upload->savePath = '';// 设置附件上传子目录
             $info = $upload->upload() ;