diff options
author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2008-04-10 15:26:28 +0000 |
---|---|---|
committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2008-04-10 15:26:28 +0000 |
commit | 01b2f099c449b9bea52fdc400043609edaf373fa (patch) | |
tree | 4a00269df977a3f108acdaa65671d01bbf106fb2 | |
parent | 40cc70b29946e4656e50dce98700193732ff042e (diff) | |
download | wordpress-mu-01b2f099c449b9bea52fdc400043609edaf373fa.tar.gz wordpress-mu-01b2f099c449b9bea52fdc400043609edaf373fa.tar.xz wordpress-mu-01b2f099c449b9bea52fdc400043609edaf373fa.zip |
weblog_title gets passed to update_option() eventually which expects unescaped values
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1226 7be80a69-a1ef-0310-a953-fb0f7c49ff36
-rw-r--r-- | index-install.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/index-install.php b/index-install.php index 81e520e..648cfa0 100644 --- a/index-install.php +++ b/index-install.php @@ -366,7 +366,7 @@ function step3() { $email = $wpdb->escape( $_POST[ 'email' ] ); if( $email == '' ) die( 'You must enter an email address!' ); - $weblog_title = $wpdb->escape( $_POST[ 'weblog_title' ] ); + $weblog_title = stripslashes( $_POST[ 'weblog_title' ] ); // set up site tables $wpdb->query( "INSERT INTO ".$wpdb->sitemeta." (meta_id, site_id, meta_key, meta_value) VALUES (NULL, 1, 'admin_email', '".$email."')" ); |