Merge commit from fork

feat: add validation for chunk parameters in file upload function

app/function.php

@@ -1827,6 +1827,10 @@ function chunk($target_name)
     $target_file = APP_ROOT . $config['path'] . 'cache/' . $target_name;
     // 储存分片
     if (!is_dir($temp_dir)) mkdir($temp_dir, 0755, true);
+    // 检查分片参数
+    if (!is_numeric($_REQUEST['chunk']) || !is_numeric($_REQUEST['chunks'])) {
+        die('Invalid input'); // or die('Invalid input');
+    }
     // 移动缓存分片
     move_uploaded_file($_FILES['file']['tmp_name'], $temp_dir . $_REQUEST['chunk']);
     // 合并分片