From c53ab5961e299d01b772cb9c42ee9589f2e9b496 Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Wed, 21 Aug 2019 05:28:07 -0600
Subject: [PATCH] Update file_save.php

---
 app/edit/file_save.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/edit/file_save.php b/app/edit/file_save.php
index b34a9e4bf2..578e188884 100644
--- a/app/edit/file_save.php
+++ b/app/edit/file_save.php
@@ -116,7 +116,7 @@
 	$path_prefix = substr($path_array['dirname'], 0, strlen($edit_directory));
 
 //validate the path
-	if ($path_prefix == $edit_directory) {
+	if (realpath($path_prefix) == realpath($edit_directory)) {
 		if ($file_path != '') {
 			try {
 				//save file content