The users do it because they can.
However, image auto-resize etc. breaks down.
This make me a sad boy.
How to limit image uploads to GIF, PNG and JPEG sitewide?
- For Archetypes 
- For Dexterity 
i ran into similar problems these days and worked around them like that:
- add a custom widget that adds an acceptattribute to the file input
- set field.swallowResizeExceptions = Trueso users at least don't get a site-error when uploading an unsopported image type
- state mimetypes that work in description
The field definition looks like this:
atapi.ImageField('image1',
    swallowResizeExceptions = True,
    widget = atapi.ImageWidget(
        label = _(u"Image 1"),
        description = _(u"Image used in listings. (JPEG, PNG and GIF are supported)"),
        show_content_type = False,
        accept = 'image/*',
        macro = 'mywidgets/myimage',
        ),
    ),
note that accept="image/jpeg,image/gif"was ignored by firefox11
although it sould be supported according to http://www.w3schools.com/tags/att_input_accept.asp
mywidgets/myimage is a customized version of archetypes/skins/widgets/image.pt that uses a customized version of archetypes/skins/widgets/file.pt
<metal:define define-macro="edit">
...
   <metal metal:use-macro="here/mywidgets/myfile/macros/file_upload"/>
...
and mywidgets/myfile.pt simply defines this macro:
<metal:define define-macro="file_upload"
       tal:define="unit accessor;
                   size unit/get_size | python:unit and len(unit) or 0;">
    <input type="file"
           size="30"
           tal:attributes="name string:${fieldName}_file;
                           id string:${fieldName}_file;
                           accept widget/accept|nothing;" />
    <script type="text/javascript"
        tal:define="isDisabled python:test(accessor() and size!=0, 'true', 'false')"
            tal:content="string:document.getElementById('${fieldName}_file').disabled=$isDisabled;">
    </script>
</metal:define>
Using Archetypes you override the image content class or create your own custom image content class with the following schema.
You can just add the line
allowable_content_types = ('image/gif', 'image/jpeg', 'image/png'),
to your schema
ie
MyImageSchema = schemata.ATContentTypeSchema.copy() + atapi.Schema((
        ImageField('image',
            required = False,
            allowable_content_types = ('image/gif', 'image/jpeg', 'image/png'),
            storage=AttributeStorage(),
            sizes= {'large'   : (768, 768),
                   'preview' : (400, 400),
                   'mini'    : (200, 200),
                   'thumb'   : (128, 128),
                   'tile'    :  (64, 64),
                   'icon'    :  (32, 32),
                   'listing' :  (16, 16),
                  },
          widget = ImageWidget(
                     label=_(u"Image"),
                     show_content_type=False,
             ),
    ),
I would probably use a schema extender to extend the Image class, overriding that particular field
Side-wide restriction for AT using the post validation event:
来源:https://stackoverflow.com/questions/9127630/preventing-users-to-upload-bmp-tiff-etc-images-to-imagefield-in-plone