From 8064fdf5581724bb21b4ad6b01a656b856b725fa Mon Sep 17 00:00:00 2001 From: "Paul S. Owen" Date: Fri, 21 Dec 2001 15:52:14 +0000 Subject: [PATCH] More \' to '' changes git-svn-id: file:///svn/phpbb/trunk@1662 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/install.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/phpBB/install.php b/phpBB/install.php index 4633b30d6b..7bf31de9b0 100644 --- a/phpBB/install.php +++ b/phpBB/install.php @@ -367,12 +367,14 @@ else if( !empty($HTTP_POST_VARS['send_file']) && $HTTP_POST_VARS['send_file'] == $s_hidden_fields = ''; $s_hidden_fields .= ''; - $template->assign_block_vars("switch_ftp_file", array()); - $template->assign_block_vars("switch_common_install", array()); if( $upgrade == 1 ) { $s_hidden_fields .= ''; } + + $template->assign_block_vars("switch_ftp_file", array()); + $template->assign_block_vars("switch_common_install", array()); + $template->assign_vars(array( "L_INSTRUCTION_TEXT" => $lang['ftp_instructs'], "L_FTP_INFO" => $lang['ftp_info'], @@ -712,7 +714,7 @@ else } $sql = "INSERT INTO " . $table_prefix . "config (config_name, config_value) - VALUES ('default_lang', '$language')"; + VALUES ('default_lang', '" . str_replace("\'", "''", $language) . "')"; $result = $db->sql_query($sql); if( !$result ) { @@ -722,7 +724,7 @@ else $admin_pass_md5 = ( $confirm && $userdata['user_level'] == ADMIN ) ? $admin_pass1 : md5($admin_pass1); $sql = "UPDATE " . $table_prefix . "users - SET username = '$admin_name', user_password='$admin_pass_md5', user_lang = '" . $language . "' + SET username = '" . str_replace("\'", "''", $admin_name) . "', user_password='" . str_replace("\'", "''", $admin_pass_md5) . "', user_lang = '" . str_replace("\'", "''", $language) . "' WHERE username = 'Admin'"; $result = $db->sql_query($sql); if( !$result ) @@ -906,4 +908,4 @@ else } } -?> +?> \ No newline at end of file