diff options
author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2008-05-08 09:42:09 +0000 |
---|---|---|
committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2008-05-08 09:42:09 +0000 |
commit | 575b7330b12e3244c3169d836dd6be5485440a3a (patch) | |
tree | 5af2f925544d173da691194dfdef35cb825b3a3b /wp-admin/wpmu-edit.php | |
parent | 4c3d64d83369a786531107f837b2ca3451848ea5 (diff) | |
download | wordpress-mu-575b7330b12e3244c3169d836dd6be5485440a3a.tar.gz wordpress-mu-575b7330b12e3244c3169d836dd6be5485440a3a.tar.xz wordpress-mu-575b7330b12e3244c3169d836dd6be5485440a3a.zip |
Stripslashes the title before passing it to wpmu_create_blog(), fixes #621
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1276 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-admin/wpmu-edit.php')
-rw-r--r-- | wp-admin/wpmu-edit.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/wp-admin/wpmu-edit.php b/wp-admin/wpmu-edit.php index c2b985f..03d6c82 100644 --- a/wp-admin/wpmu-edit.php +++ b/wp-admin/wpmu-edit.php @@ -90,6 +90,7 @@ switch( $_GET['action'] ) { $blog = $_POST['blog']; $domain = strtolower( wp_specialchars( $blog['domain'] ) ); $email = wp_specialchars( $blog['email'] ); + $title = stripslashes( wp_specialchars( $blog['title'] ) ); if ( empty($domain) || empty($email)) wp_die( __('Missing blog address or email address.') ); @@ -116,12 +117,12 @@ switch( $_GET['action'] ) { } $wpdb->hide_errors(); - $blog_id = wpmu_create_blog($newdomain, $path, wp_specialchars( $blog['title'] ), $user_id , array( "public" => 1 ), $current_site->id); + $blog_id = wpmu_create_blog($newdomain, $path, $title, $user_id , array( "public" => 1 ), $current_site->id); $wpdb->show_errors(); if( !is_wp_error($blog_id) ) { if( get_user_option( $user_id, 'primary_blog' ) == 1 ) update_user_option( $user_id, 'primary_blog', $blog_id, true ); - $content_mail = sprintf(__("New blog created by %1s\n\nAddress: http://%2s\nName: %3s"), $current_user->user_login , $newdomain.$path, wp_specialchars($blog['title']) ); + $content_mail = sprintf( __( "New blog created by %1s\n\nAddress: http://%2s\nName: %3s"), $current_user->user_login , $newdomain.$path, $title ); wp_mail( get_site_option('admin_email'), sprintf(__('[%s] New Blog Created'), $current_site->site_name), $content_mail, 'From: "Site Admin" <' . get_site_option( 'admin_email' ) . '>' ); wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'add-blog'), $_SERVER['HTTP_REFERER'] ) ); exit(); |