From 575b7330b12e3244c3169d836dd6be5485440a3a Mon Sep 17 00:00:00 2001 From: donncha Date: Thu, 8 May 2008 09:42:09 +0000 Subject: Stripslashes the title before passing it to wpmu_create_blog(), fixes #621 git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1276 7be80a69-a1ef-0310-a953-fb0f7c49ff36 --- wp-admin/wpmu-edit.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'wp-admin') diff --git a/wp-admin/wpmu-edit.php b/wp-admin/wpmu-edit.php index c2b985f..03d6c82 100644 --- a/wp-admin/wpmu-edit.php +++ b/wp-admin/wpmu-edit.php @@ -90,6 +90,7 @@ switch( $_GET['action'] ) { $blog = $_POST['blog']; $domain = strtolower( wp_specialchars( $blog['domain'] ) ); $email = wp_specialchars( $blog['email'] ); + $title = stripslashes( wp_specialchars( $blog['title'] ) ); if ( empty($domain) || empty($email)) wp_die( __('Missing blog address or email address.') ); @@ -116,12 +117,12 @@ switch( $_GET['action'] ) { } $wpdb->hide_errors(); - $blog_id = wpmu_create_blog($newdomain, $path, wp_specialchars( $blog['title'] ), $user_id , array( "public" => 1 ), $current_site->id); + $blog_id = wpmu_create_blog($newdomain, $path, $title, $user_id , array( "public" => 1 ), $current_site->id); $wpdb->show_errors(); if( !is_wp_error($blog_id) ) { if( get_user_option( $user_id, 'primary_blog' ) == 1 ) update_user_option( $user_id, 'primary_blog', $blog_id, true ); - $content_mail = sprintf(__("New blog created by %1s\n\nAddress: http://%2s\nName: %3s"), $current_user->user_login , $newdomain.$path, wp_specialchars($blog['title']) ); + $content_mail = sprintf( __( "New blog created by %1s\n\nAddress: http://%2s\nName: %3s"), $current_user->user_login , $newdomain.$path, $title ); wp_mail( get_site_option('admin_email'), sprintf(__('[%s] New Blog Created'), $current_site->site_name), $content_mail, 'From: "Site Admin" <' . get_site_option( 'admin_email' ) . '>' ); wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'add-blog'), $_SERVER['HTTP_REFERER'] ) ); exit(); -- cgit