From 4532d43aebbf113b91d8c6408f5d080a36b3343d Mon Sep 17 00:00:00 2001
From: Skylar Ittner <admin@netsyms.com>
Date: Tue, 1 Jan 2019 16:07:58 -0700
Subject: [PATCH] Ignore URL arguments when checking directory

---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index cc1be1e..9dffbf5 100644
--- a/index.php
+++ b/index.php
@@ -1191,7 +1191,7 @@ $EXT2MIME = [
 	"ice" => "x-conference/x-cooltalk",
 ];
 
-$path = $_SERVER['REQUEST_URI'];
+$path = explode('?', $_SERVER['REQUEST_URI'], 2)[0];
 $dir = realpath(__DIR__ . $path);
 if (strpos($dir, $ROOTPATH) !== 0) {
 	die("Access denied.");