From 72431c5a8d73574c07cdffb1159b60690fdfeb5b Mon Sep 17 00:00:00 2001
From: tianya <yanghuxiao@vip.qq.com>
Date: Thu, 31 Aug 2023 08:07:15 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=AD=A3=E4=BB=BB=E6=84=8F=E6=96=87?=
 =?UTF-8?q?=E4=BB=B6=E8=A2=AB=E5=88=A0=E9=99=A4=E7=9A=84bug?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/admin/file_class.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/admin/file_class.php b/src/admin/file_class.php
index b70e587e..fc5fe2f9 100644
--- a/src/admin/file_class.php
+++ b/src/admin/file_class.php
@@ -145,6 +145,7 @@ class FileManagement
      */
     function DeleteFile($filename)
     {
+        $filename = str_replace("..", "", $filename);
         $filename = $this->baseDir.$this->activeDir."/$filename";
         if (is_file($filename)) {
             @unlink($filename);