diff --git a/app/admin/controller/api/Upload.php b/app/admin/controller/api/Upload.php
index 45121fd67..a230c2b4d 100644
--- a/app/admin/controller/api/Upload.php
+++ b/app/admin/controller/api/Upload.php
@@ -69,10 +69,10 @@ class Upload extends Controller
      */
     public function state()
     {
+        $this->safe = boolval(input('safe'));
         $data = ['uptype' => $this->getType(), 'xkey' => input('xkey')];
-        if ($info = Storage::instance($data['uptype'])->info($data['xkey'])) {
+        if ($info = Storage::instance($data['uptype'])->info($data['xkey'], $this->safe)) {
             $data['url'] = $info['url'];
-            $data['pathinfo'] = $info['file'];
             $this->success('文件已经上传', $data, 200);
         } elseif ('local' === $data['uptype']) {
             $data['url'] = LocalStorage::instance()->url($data['xkey']);
diff --git a/app/admin/view/api/plugs/upload.js b/app/admin/view/api/plugs/upload.js
index 515cace94..5134f7d86 100644
--- a/app/admin/view/api/plugs/upload.js
+++ b/app/admin/view/api/plugs/upload.js
@@ -2,6 +2,7 @@ define(['md5'], function (SparkMD5) {
     var allowExtsMimes = JSON.parse('{$exts|raw}');
     return function (element, InitHandler, UploadedHandler) {
         var exts = [], mimes = [];
+        var safe = $(element).attr('data-safe');
         var uptype = $(element).attr('data-uptype') || '';
         var multiple = $(element).attr('data-multiple') > 0;
         var types = ($(element).data('type') || '').split(',');
@@ -15,15 +16,16 @@ define(['md5'], function (SparkMD5) {
         function renderUploader(options, headers, uploader) {
             uploader = layui.upload.render({
                 idx: 0, urls: {}, auto: false, elem: element,
-                headers: headers || {}, multiple: multiple,
                 exts: options.exts, acceptMime: options.acceptMime,
+                headers: headers || {}, multiple: multiple, accept: 'file',
                 choose: function (object, files) {
                     files = object.pushFile();
                     for (var index in files) {
                         md5file(files[index]).then(function (file) {
                             jQuery.ajax("?s=admin/api.upload/state", {
-                                data: {xkey: file.xkey, uptype: uptype}, method: 'POST', success: function (ret) {
+                                data: {xkey: file.xkey, uptype: uptype, safe: safe}, method: 'POST', success: function (ret) {
                                     if (ret.code === 404) {
+                                        uploader.config.data.safe = safe;
                                         uploader.config.url = ret.data.server;
                                         uploader.config.urls[index] = ret.data.url;
                                         if (ret.data.uptype === 'qiniu') {
diff --git a/app/wechat/controller/Config.php b/app/wechat/controller/Config.php
index a7d1a29c2..ea1ed3ec0 100644
--- a/app/wechat/controller/Config.php
+++ b/app/wechat/controller/Config.php
@@ -90,17 +90,17 @@ class Config extends Controller
         if ($this->request->isGet()) {
             $this->title = '微信支付配置';
             $file = Storage::instance('local');
-            $this->wechat_mch_ssl_cer = sysconf('wechat_mch_ssl_cer');
-            $this->wechat_mch_ssl_key = sysconf('wechat_mch_ssl_key');
-            $this->wechat_mch_ssl_p12 = sysconf('wechat_mch_ssl_p12');
-            if (!$file->has($this->wechat_mch_ssl_cer, true)) $this->wechat_mch_ssl_cer = '';
-            if (!$file->has($this->wechat_mch_ssl_key, true)) $this->wechat_mch_ssl_key = '';
-            if (!$file->has($this->wechat_mch_ssl_p12, true)) $this->wechat_mch_ssl_p12 = '';
+            $this->mch_ssl_cer = sysconf('wechat.mch_ssl_cer');
+            $this->mch_ssl_key = sysconf('wechat.mch_ssl_key');
+            $this->mch_ssl_p12 = sysconf('wechat.mch_ssl_p12');
+            if (!$file->has($this->mch_ssl_cer, true)) $this->mch_ssl_cer = '';
+            if (!$file->has($this->mch_ssl_key, true)) $this->mch_ssl_key = '';
+            if (!$file->has($this->mch_ssl_p12, true)) $this->mch_ssl_p12 = '';
             $this->fetch();
         } else {
-            if ($this->request->post('wechat_mch_ssl_type') === 'p12') {
-                if (!($sslp12 = $this->request->post('wechat_mch_ssl_p12'))) {
-                    $mchid = $this->request->post('wechat_mch_id');
+            if ($this->request->post('wechat.mch_ssl_type') === 'p12') {
+                if (!($sslp12 = $this->request->post('wechat.mch_ssl_p12'))) {
+                    $mchid = $this->request->post('wechat.mch_id');
                     $content = Storage::instance('local')->get($sslp12, true);
                     if (!openssl_pkcs12_read($content, $certs, $mchid)) {
                         $this->error('商户MCH_ID与支付P12证书不匹配！');
diff --git a/app/wechat/controller/api/Test.php b/app/wechat/controller/api/Test.php
index 50b73382f..564b91115 100644
--- a/app/wechat/controller/api/Test.php
+++ b/app/wechat/controller/api/Test.php
@@ -152,7 +152,7 @@ class Test extends Controller
             'out_trade_no'     => time(),
             'total_fee'        => '1',
             'trade_type'       => 'NATIVE',
-            'notify_url'       => url('@wechat/api.test/notify', [], true, true),
+            'notify_url'       => url('@wechat/api.test/notify', [], false, true),
             'spbill_create_ip' => request()->ip(),
         ]);
         $this->showQrc($result['code_url']);
diff --git a/app/wechat/service/WechatService.php b/app/wechat/service/WechatService.php
index a867910e1..283f10cac 100644
--- a/app/wechat/service/WechatService.php
+++ b/app/wechat/service/WechatService.php
@@ -181,17 +181,21 @@ class WechatService extends Service
      */
     public function getConfig()
     {
-        return [
+        $options = [
             'token'          => sysconf('wechat.token'),
             'appid'          => sysconf('wechat.appid'),
             'appsecret'      => sysconf('wechat.appsecret'),
             'encodingaeskey' => sysconf('wechat.encodingaeskey'),
             'mch_id'         => sysconf('wechat.mch_id'),
-            'mch_key'        => sysconf('wechat.mch_key'),
-            'ssl_key'        => sysconf('wechat.mch_ssl_key'),
-            'ssl_cer'        => sysconf('wechat.mch_ssl_cer'),
             'cache_path'     => $this->app->getRuntimePath() . 'wechat',
         ];
+        if (sysconf('wechat.mch_ssl_type') === 'p12') {
+            $options['ssl_p12'] = sysconf('wechat.mch_ssl_p12');
+        } else {
+            $options['ssl_key'] = sysconf('wechat.mch_ssl_key');
+            $options['ssl_cer'] = sysconf('wechat.mch_ssl_cer');
+        }
+        return $options;
     }
 
     /**
diff --git a/app/wechat/view/config/payment.html b/app/wechat/view/config/payment.html
index 90de8efa3..0c6e4928d 100644
--- a/app/wechat/view/config/payment.html
+++ b/app/wechat/view/config/payment.html
@@ -23,20 +23,20 @@
                 {foreach ['pem'=>'上传 PEM 证书','p12'=>'上传 P12 证书'] as $k=>$v}
                 <input type="radio" data-pem-type="{$k}" name="wechat.mch_ssl_type" value="{$k}" title="{$v}" lay-filter="data-mch-type">
                 {/foreach}
-                <p class="help-block">请选择需要上传证书类型，P12 和 PEM 二选一，证书需要从微信商户平台获取</p>
+                <p class="help-block">请选择需要上传证书类型，P12 或 PEM 二选一，证书需要从微信商户平台获取</p>
                 <div data-mch-type="p12" class="layui-tab-item padding-top-15 padding-bottom-15">
-                    <input name="wechat.mch_ssl_p12" value="{$wechat.mch_ssl_p12|default=''}" type="hidden">
+                    <input name="wechat.mch_ssl_p12" value="{$mch_ssl_p12|default=''}" type="hidden">
                     <button data-file="btn" data-uptype="local" data-safe="true" data-type="p12" data-field="wechat.mch_ssl_p12" type="button" class="layui-btn layui-btn-primary">
                         <i class="layui-icon layui-icon-vercode font-s14"></i> 上传 P12 证书
                     </button>
                     <p class="help-block margin-top-10">微信商户支付 P12 证书，实现订单退款、打款、发红包等支出功能都使用证书</p>
                 </div>
                 <div data-mch-type="pem" class="layui-tab-item padding-top-15 padding-bottom-15">
-                    <input name="wechat.mch_ssl_key" value="{$wechat.mch_ssl_key|default=''}" type="hidden">
+                    <input name="wechat.mch_ssl_key" value="{$mch_ssl_key|default=''}" type="hidden">
                     <button data-file="btn" data-uptype="local" data-safe="true" data-type="pem" data-field="wechat.mch_ssl_key" type="button" class="layui-btn layui-btn-primary margin-right-5">
                         <i class="layui-icon layui-icon-vercode font-s14"></i> 上传 KEY 证书
                     </button>
-                    <input name="wechat.mch_ssl_cer" value="{$wechat.mch_ssl_cer|default=''}" type="hidden">
+                    <input name="wechat.mch_ssl_cer" value="{$mch_ssl_cer|default=''}" type="hidden">
                     <button data-file="btn" data-uptype="local" data-safe="true" data-type="pem" data-field="wechat.mch_ssl_cer" type="button" class="layui-btn layui-btn-primary">
                         <i class="layui-icon layui-icon-vercode font-s14"></i> 上传CERT证书
                     </button>
@@ -63,22 +63,22 @@
             apply(data.value);
         });
         apply.call(this, this.type);
-
-        function apply(type) {
-            $('[data-mch-type="' + type + '"]').show().siblings('[data-mch-type]').hide();
-        };
         // 证书文件上传控制
         this.types = ['wechat.mch_ssl_p12', 'wechat.mch_ssl_key', 'wechat.mch_ssl_cer'];
-        for (var i in this.types) $('input[name="' + this.types[i] + '"]').on('change', function (input, $button) {
-            input = this, $button = $(this).next('button');
+        for (var i in this.types) $('input[name="' + this.types[i] + '"]').on('change', function (that, $button) {
+            that = this, $button = $(this).next('button');
             setTimeout(function () {
-                if (typeof input.value === 'string' && input.value.length > 5) {
+                if (typeof that.value === 'string' && that.value.length > 5) {
                     $button.find('i').addClass('color-green layui-icon-vercode').removeClass('layui-icon-upload-drag');
                 } else {
                     $button.find('i').removeClass('color-green layui-icon-vercode').addClass('layui-icon-upload-drag');
                 }
             }, 300);
         }).trigger('change');
+
+        function apply(type) {
+            $('[data-mch-type="' + type + '"]').show().siblings('[data-mch-type]').hide();
+        }
     });
 </script>
 {/block}
diff --git a/vendor/services.php b/vendor/services.php
index ca81da57e..0c3e51da8 100644
--- a/vendor/services.php
+++ b/vendor/services.php
@@ -1,5 +1,5 @@
 <?php 
-// This file is automatically generated at:2019-12-21 15:01:30
+// This file is automatically generated at:2019-12-21 17:11:54
 declare (strict_types = 1);
 return array (
   0 => 'think\\app\\Service',
diff --git a/vendor/zoujingli/think-library/src/storage/LocalStorage.php b/vendor/zoujingli/think-library/src/storage/LocalStorage.php
index d2dfebaa0..30fd140eb 100644
--- a/vendor/zoujingli/think-library/src/storage/LocalStorage.php
+++ b/vendor/zoujingli/think-library/src/storage/LocalStorage.php
@@ -114,7 +114,7 @@ class LocalStorage extends Storage
      */
     public function url($name, $safe = false)
     {
-        if ($safe) return null;
+        if ($safe) return $name;
         $root = rtrim(dirname($this->app->request->basefile(true)), '\\/');
         return "{$root}/upload/{$name}";
     }