diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/install.php | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/phpBB/install.php b/phpBB/install.php index 4633b30d6b..7bf31de9b0 100644 --- a/phpBB/install.php +++ b/phpBB/install.php @@ -367,12 +367,14 @@ else if( !empty($HTTP_POST_VARS['send_file']) && $HTTP_POST_VARS['send_file'] == $s_hidden_fields = '<input type="hidden" name="config_data" value="' . htmlspecialchars($HTTP_POST_VARS['config_data']) . '" />'; $s_hidden_fields .= '<input type="hidden" name="ftp_file" value="1" />'; - $template->assign_block_vars("switch_ftp_file", array()); - $template->assign_block_vars("switch_common_install", array()); if( $upgrade == 1 ) { $s_hidden_fields .= '<input type="hidden" name="upgrade" value="1" />'; } + + $template->assign_block_vars("switch_ftp_file", array()); + $template->assign_block_vars("switch_common_install", array()); + $template->assign_vars(array( "L_INSTRUCTION_TEXT" => $lang['ftp_instructs'], "L_FTP_INFO" => $lang['ftp_info'], @@ -712,7 +714,7 @@ else } $sql = "INSERT INTO " . $table_prefix . "config (config_name, config_value) - VALUES ('default_lang', '$language')"; + VALUES ('default_lang', '" . str_replace("\'", "''", $language) . "')"; $result = $db->sql_query($sql); if( !$result ) { @@ -722,7 +724,7 @@ else $admin_pass_md5 = ( $confirm && $userdata['user_level'] == ADMIN ) ? $admin_pass1 : md5($admin_pass1); $sql = "UPDATE " . $table_prefix . "users - SET username = '$admin_name', user_password='$admin_pass_md5', user_lang = '" . $language . "' + SET username = '" . str_replace("\'", "''", $admin_name) . "', user_password='" . str_replace("\'", "''", $admin_pass_md5) . "', user_lang = '" . str_replace("\'", "''", $language) . "' WHERE username = 'Admin'"; $result = $db->sql_query($sql); if( !$result ) @@ -906,4 +908,4 @@ else } } -?> +?>
\ No newline at end of file |