Skip to content
Snippets Groups Projects
Commit 5126fe42 authored by lobo's avatar lobo
Browse files

CRM-12386 

----------------------------------------
* CRM-12386: Ensure civicrm_root is escaped in WP install script
  http://issues.civicrm.org/jira/browse/CRM-12386
parent 62fe1379
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 18 additions and 17 deletions
install/civicrm.php
+ 18
17
View file @ 5126fe42
...@@ -187,23 +187,21 @@ function civicrm_config(&$config) { ...@@ -187,23 +187,21 @@ function civicrm_config(&$config) {
); );
$params['baseURL'] = isset($config['base_url']) ? $config['base_url'] : civicrm_cms_base(); $params['baseURL'] = isset($config['base_url']) ? $config['base_url'] : civicrm_cms_base();
if ($installType == 'drupal' && if ($installType == 'drupal') {
version_compare(VERSION, '7.0-rc1') >= 0 if (version_compare(VERSION, '7.0-rc1') >= 0) {
) { $params['cms'] = 'Drupal';
$params['cms'] = 'Drupal'; $params['CMSdbUser'] = addslashes($config['drupal']['username']);
$params['CMSdbUser'] = addslashes($config['drupal']['username']); $params['CMSdbPass'] = addslashes($config['drupal']['password']);
$params['CMSdbPass'] = addslashes($config['drupal']['password']); $params['CMSdbHost'] = $config['drupal']['server'];
$params['CMSdbHost'] = $config['drupal']['server']; $params['CMSdbName'] = addslashes($config['drupal']['database']);
$params['CMSdbName'] = addslashes($config['drupal']['database']); }
} elseif (version_compare(VERSION, '6.0') >= 0) {
elseif ($installType == 'drupal' && $params['cms'] = 'Drupal6';
version_compare(VERSION, '6.0') >= 0 $params['CMSdbUser'] = addslashes($config['drupal']['username']);
) { $params['CMSdbPass'] = addslashes($config['drupal']['password']);
$params['cms'] = 'Drupal6'; $params['CMSdbHost'] = $config['drupal']['server'];
$params['CMSdbUser'] = addslashes($config['drupal']['username']); $params['CMSdbName'] = addslashes($config['drupal']['database']);
$params['CMSdbPass'] = addslashes($config['drupal']['password']); }
$params['CMSdbHost'] = $config['drupal']['server'];
$params['CMSdbName'] = addslashes($config['drupal']['database']);
} }
else { else {
$params['cms'] = 'WordPress'; $params['cms'] = 'WordPress';
...@@ -211,6 +209,9 @@ function civicrm_config(&$config) { ...@@ -211,6 +209,9 @@ function civicrm_config(&$config) {
$params['CMSdbPass'] = addslashes(DB_PASSWORD); $params['CMSdbPass'] = addslashes(DB_PASSWORD);
$params['CMSdbHost'] = DB_HOST; $params['CMSdbHost'] = DB_HOST;
$params['CMSdbName'] = addslashes(DB_NAME); $params['CMSdbName'] = addslashes(DB_NAME);
// CRM-12386
$params['crmRoot'] = addslashes($params['crmRoot']);
} }
$params['siteKey'] = md5(uniqid('', TRUE) . $params['baseURL']); $params['siteKey'] = md5(uniqid('', TRUE) . $params['baseURL']);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment