Permalink
Browse files

Install: escape strings in generated config_inc.php

Fixes #17012
  • Loading branch information...
dregad committed Feb 26, 2014
1 parent fec0532 commit aa962973b95736e573fb9a1f9864c1e95a3fd836
Showing with 4 additions and 4 deletions.
  1. +4 −4 admin/install.php
View
@@ -998,9 +998,9 @@ function print_test( $p_test_description, $p_result, $p_hard_fail = true, $p_mes
$t_config = '<?php' . PHP_EOL
. "\$g_hostname = '$f_hostname';" . PHP_EOL
. "\$g_db_type = '$f_db_type';" . PHP_EOL
- . "\$g_database_name = '$f_database_name';" . PHP_EOL
- . "\$g_db_username = '$f_db_username';" . PHP_EOL
- . "\$g_db_password = '$f_db_password';" . PHP_EOL;
+ . "\$g_database_name = '" . addslashes( $f_database_name ) . "';" . PHP_EOL
+ . "\$g_db_username = '" . addslashes( $f_db_username ) . "';" . PHP_EOL
+ . "\$g_db_password = '" . addslashes( $f_db_password ) . "';" . PHP_EOL;
switch( $f_db_type ) {
case 'db2':
@@ -1027,7 +1027,7 @@ function print_test( $p_test_description, $p_result, $p_hard_fail = true, $p_mes
$t_config .=
"\$g_default_timezone = '$f_timezone';" . PHP_EOL
. PHP_EOL
- . "\$g_crypto_master_salt = '$f_crypto_master_salt';" . PHP_EOL;
+ . "\$g_crypto_master_salt = '" . addslashes( $f_crypto_master_salt ) . "';" . PHP_EOL;
$t_write_failed = true;

0 comments on commit aa96297

Please sign in to comment.