MDL-10607 - support single quotes in db user/password in installer

merged from MOODLE_19_STABLE

diff --git a/install.php b/install.php
index a7e268caaf2153a603e9df50b2eff3847ee17b1e..63b25faa03a588b79481c76b45cb1abe3abe3c70 100644 (file)
--- a/install.php
+++ b/install.php
@@ -525,8 +525,9 @@ if ($nextstage == SAVE) {
     $str .= '$CFG->dbhost    = \''.addslashes($INSTALL['dbhost'])."';\r\n";
     if (!empty($INSTALL['dbname'])) {
         $str .= '$CFG->dbname    = \''.$INSTALL['dbname']."';\r\n";
-        $str .= '$CFG->dbuser    = \''.$INSTALL['dbuser']."';\r\n";
-        $str .= '$CFG->dbpass    = \''.$INSTALL['dbpass']."';\r\n";
+        // support single quotes in db user/passwords
+        $str .= '$CFG->dbuser    = \''.addsingleslashes($INSTALL['dbuser'])."';\r\n";
+        $str .= '$CFG->dbpass    = \''.addsingleslashes($INSTALL['dbpass'])."';\r\n";
     }
     $str .= '$CFG->dbpersist =  false;'."\r\n";
     $str .= '$CFG->prefix    = \''.$INSTALL['prefix']."';\r\n";
@@ -1279,4 +1280,12 @@ function toggledbinfo() {
 
 <?php
 }
+
+/**
+ * Add slashes for single quotes so they can be
+ * included in single quoted string
+ */
+function addsingleslashes($input){
+    return str_replace("'", "\'", $input);
+}
 ?>