From d8cbfea8f4473ee9d61698e40e746684de05a30a Mon Sep 17 00:00:00 2001
From: Stefan Brand <seiichiro@seiichiro0185.org>
Date: Tue, 11 Jan 2022 17:10:11 +0100
Subject: [PATCH] Prevent Path Traversal

---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index 32a34ab..155e92b 100644
--- a/index.php
+++ b/index.php
@@ -43,7 +43,7 @@ if (isset($_SESSION['files'])
 
 
   
-  if ($r_imagedir === false || strpos($r_imagedir, $r_basedir . DIRECTORY_SEPARATOR) !== 0) {
+  if ($r_imagedir === false || strpos(Helpers::end_dir($r_imagedir), $r_basedir.DIRECTORY_SEPARATOR) !== 0) {
     print_r($r_basedir);
   
     print_r($r_imagedir);