diff --git a/application/admin/controller/Ajax.php b/application/admin/controller/Ajax.php
index a1626c46..1e34d85d 100644
--- a/application/admin/controller/Ajax.php
+++ b/application/admin/controller/Ajax.php
@@ -50,7 +50,7 @@ class Ajax extends Backend
 
         $controllername = $this->request->get('controllername');
         $lang = $this->request->get('lang');
-        if (!$lang || !in_array($lang, config('allow_lang_list')) || !$controllername || !preg_match("/^[a-z0-9\.]+$/i", $controllername)) {
+        if (!$lang || !in_array($lang, config('allow_lang_list')) || !$controllername || !preg_match("/^[a-z0-9_\.]+$/i", $controllername)) {
             return jsonp(['errmsg' => '参数错误'], 200, [], ['json_encode_param' => JSON_FORCE_OBJECT | JSON_UNESCAPED_UNICODE]);
         }
 
diff --git a/application/index/controller/Ajax.php b/application/index/controller/Ajax.php
index 3e1f24a1..3b73aa35 100644
--- a/application/index/controller/Ajax.php
+++ b/application/index/controller/Ajax.php
@@ -34,7 +34,7 @@ class Ajax extends Frontend
 
         $controllername = $this->request->get('controllername');
         $lang = $this->request->get('lang');
-        if (!$lang || !in_array($lang, config('allow_lang_list')) || !$controllername || !preg_match("/^[a-z0-9\.]+$/i", $controllername)) {
+        if (!$lang || !in_array($lang, config('allow_lang_list')) || !$controllername || !preg_match("/^[a-z0-9_\.]+$/i", $controllername)) {
             return jsonp(['errmsg' => '参数错误'], 200, [], ['json_encode_param' => JSON_FORCE_OBJECT | JSON_UNESCAPED_UNICODE]);
         }