diff --git a/app/function.php b/app/function.php
index 08ef5c5..ea3bdac 100644
--- a/app/function.php
+++ b/app/function.php
@@ -1827,6 +1827,10 @@ function chunk($target_name)
     $target_file = APP_ROOT . $config['path'] . 'cache/' . $target_name;
     // 储存分片
     if (!is_dir($temp_dir)) mkdir($temp_dir, 0755, true);
+    // 检查分片参数
+    if (!is_numeric($_REQUEST['chunk']) || !is_numeric($_REQUEST['chunks'])) {
+        die('Invalid input'); // or die('Invalid input');
+    }
     // 移动缓存分片
     move_uploaded_file($_FILES['file']['tmp_name'], $temp_dir . $_REQUEST['chunk']);
     // 合并分片