From e71289398b74c8db9db8e0f3ea54124a18f6c0d6 Mon Sep 17 00:00:00 2001
From: chiu
Date: Wed, 4 Aug 2021 20:14:32 +0800
Subject: [PATCH] fix

---
 app/controllers/announcements_controller.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/controllers/announcements_controller.rb b/app/controllers/announcements_controller.rb
index ea21325..40c3235 100644
--- a/app/controllers/announcements_controller.rb
+++ b/app/controllers/announcements_controller.rb
@@ -497,7 +497,10 @@ class AnnouncementsController < ApplicationController
 end
 def get_file
 @url = request.path
- render :file => "#{Rails.root}/app/views/errors/404.html", :layout => false, :status => :not_found, :content_type => 'text/html' and return if @url.match(/\/\.\./)
+ if @url.match(/\/\.\./)
+ render :file => "#{Rails.root}/app/views/errors/404.html", :layout => false, :status => :not_found, :content_type => 'text/html'
+ return
+ end
 begin
 file = BulletinFile.find(params[:id])
 if File.basename(file.file.path) != URI.decode(params[:f_name])
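Review bot: The traversal guard in `get_file` still matches `/\/\.\./` against `request.path`, which is usually the raw, still percent-encoded path, while the name compared further down is `URI.decode(params[:f_name])`. An encoded form of the same sequence would not be seen by this check, so the real control is the basename comparison that follows. Consider validating the decoded name that is actually used, for example `name = params[:f_name].to_s` followed by `if name != File.basename(name) || name.include?('..')`, and prefer `match?` where no MatchData is needed. `URI.decode` on the context line is obsolete and no longer present in Ruby 3.0, and since Rails has already decoded `params` that call presumably decodes a second time. The body of `get_file` continues past the hunk, so what happens on a basename mismatch is not visible here.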