daxi20/xinhu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

发布v2.7.1版本

Browse Source
This commit is contained in:
雨中磐石
2025-12-24 10:03:51 +08:00
parent 69f5376af9
commit 60f759a90c
16 changed files with 230 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
webmain/system/sysfile/sysfileAction.php
View File

@@ -165,6 +165,7 @@ class sysfileClassAction extends Action
if($str=$this->iscaozuo())return $str;
$path = $this->jm->base64decode($this->get('path'));
if(isempt($path))return '无效文件';
$path = str_replace('../','',$path);
$isdel = 0;
foreach($this->isdelmu as $sdif)if(strpos($path, $sdif)===0)$isdel=1;
if($isdel==0)return '此文件禁止删除';