Make Sure File Extension Does Not Contain /

A potential security vulnerability as reported by @751897386

<mecha-cms/mecha#295>

about.page

@@ -6,7 +6,7 @@ color: '#84336f'
 image: /lot/x/panel/index.png
 author: Taufik Nurrohman
 type: Markdown
-version: 3.0.0
+version: 3.0.1
 price: [25, USD]
 prices:
 - for: Free to use for your own purposes or for the benefit of others who do not pay for your work.

index.php

@@ -10,8 +10,8 @@
                 $stuck[] = $v;
             }
         }
-        // TODO: Attempt to revert to the previous state if recent update(s) are not compatible with other extension(s)
-        // and layout(s) in the current system set up.
+        // TODO: Attempt to revert to the previous state if recent update is not compatible with other extension(s) and
+        // layout(s) in the current system set up.
         // // \test($stuck);
         // // exit;
     }

index/panel/type/page.php

@@ -50,7 +50,7 @@
         $_POST['page']['title'] = To::description($_POST['page']['title'], 255);
     }
     // Make sure to have a file extension
-    $_POST['page']['x'] = strip_tags($_POST['page']['x'] ?? 'page');
+    $_POST['page']['x'] = basename(strip_tags($_POST['page']['x'] ?? 'page'));
     // Make sure to have a file name
     if (empty($_POST['page']['name'])) {
         $name = To::kebab($_POST['page']['title'] ?? "");

index/panel/type/page/page.php

@@ -2,7 +2,7 @@
 
 if ('POST' === $_SERVER['REQUEST_METHOD']) {
     $chunk = $_POST['data']['chunk'] ?? $_POST['page']['chunk'] ?? null;
-    $x = $_POST['page']['x'] ?? 'page';
+    $x = basename(strip_tags($_POST['page']['x'] ?? 'page'));
     // Having chunk value less than `1` will not create a `chunk.data` file. Instead, it will create a placeholder page
     // to hide the pages.
     if (is_int($chunk) && $chunk < 1 && is_dir($folder)) {