malhuda/developer
1
0
Fork 0
mirror of https://github.com/easy-wi/developer.git synced 2025-02-20 11:23:28 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Missing escaping while writing config files #876

Browse Source
This commit is contained in:
Ulrich Block 2016-06-27 11:28:39 +02:00
parent 8b0ad9388e
commit 52d48353a5
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
install/install.php
View File

@ -304,10 +304,10 @@ if ($currentStep == 2 and count($systemCheckError) == 0) {
// This file was generated by the easy-wi.com installer
" . '$host' . " = '" . $_POST['host'] . "';
" . '$user' . " = '" . $_POST['user'] . "';
" . '$db' . " = '" . $_POST['db'] . "';
" . '$pwd' . " = '" . $_POST['pwd'] . "';
" . '$host' . " = '" . addcslashes($_POST['host'], "'") . "';
" . '$user' . " = '" . addcslashes($_POST['user'], "'") . "';
" . '$db' . " = '" . addcslashes($_POST['db'], "'") . "';
" . '$pwd' . " = '" . addcslashes($_POST['pwd'], "'") . "';
" . '$captcha' . " = 0;
" . '$title' . " = '';
" . '$debug' . " = 0;
@ -329,7 +329,7 @@ if ($currentStep == 2 and count($systemCheckError) == 0) {
// This file was generated by the easy-wi.com installer
$aeskey = "' . $_POST['aeskey'] . '";
$aeskey = "' . addcslashes($_POST['aeskey'], "'") . '";
';
@fwrite($keyFp, $configdata);