Browse Source

Update file_save.php

FusionPBX 6 years ago
parent
commit
e0d3a741fb
1 changed files with 1 additions and 1 deletions
  1. 1 1
      file_save.php

+ 1 - 1
file_save.php

@@ -116,7 +116,7 @@
 	$path_prefix = substr($path_array['dirname'], 0, strlen($edit_directory));
 
 //validate the path
-	if ($path_prefix == $edit_directory) {
+	if (realpath($path_prefix) == realpath($edit_directory)) {
 		if ($file_path != '') {
 			try {
 				//save file content