From 0864452ab60ccbdf9bae782002372f0edf87b23f Mon Sep 17 00:00:00 2001
From: Matt Mullenweg
Date: Sat, 27 Mar 2004 17:05:16 +0000
Subject: [PATCH] Strip ../ in reading.

git-svn-id: https://develop.svn.wordpress.org/trunk@1020 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/templates.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/wp-admin/templates.php b/wp-admin/templates.php
index 41a4ba8463..499588b92c 100644
--- a/wp-admin/templates.php
+++ b/wp-admin/templates.php
@@ -83,6 +83,7 @@ default:
 $file = '.' . $file;
 $file = stripslashes($file);
+ $file = str_replace('../', '', $file);
 $file = '../' . $file;
 if (!is_file($file))
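Review bot: The added `str_replace('../', '', $file)` is a single-pass denylist, so it does not guarantee the result is free of parent-directory segments: overlapping sequences can re-form `../` once the inner match is removed, and only the forward-slash form is covered. Because `$file` is then prefixed with `'../'` and handed to `is_file()`, a containment check on the resolved path would be more robust than stripping, e.g. `$base = realpath('..');` then `$real = realpath('../' . $file);` and reject when `$real === false || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0`. An allowlist of editable template names would be stricter still. The subject says "in reading", so the save path, which is not visible in this hunk, presumably needs the same check. The `default:` branch begins and continues outside the hunk, so where `$file` originates should be confirmed there.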