MDL-12869 fixed minor security problem in installer - reported by hanno; merged from...
authorskodak <skodak>
Tue, 8 Jan 2008 07:16:18 +0000 (07:16 +0000)
committerskodak <skodak>
Tue, 8 Jan 2008 07:16:18 +0000 (07:16 +0000)
install.php

index 8983a827e1cf3c9dbfa8d0c0b58ead1056025520..065547afb88f0fe2653cba2849e83003160cd94f 100644 (file)
@@ -107,6 +107,7 @@ if (isset($_POST['stage'])) {
         $nextstage = $_POST['stage'];
     }
 
+    $nextstage = (int)$nextstage;
 
     if ($nextstage < 0) {
         $nextstage = WELCOME;
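Review bot: The added `$nextstage = (int)$nextstage;` has no comment saying why the cast is there, and the reason is security-relevant, since `$nextstage` is assigned from `$_POST['stage']` just above. I would put `// stage comes from the request: force it to an integer before any further use` on the line before the cast. A non-numeric value becomes 0 after the cast and therefore passes the visible `$nextstage < 0` test. Only that lower bound is visible in this hunk; if no upper-bound check follows outside it, values above the last defined stage should fall back to `WELCOME` as well.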
@@ -823,31 +824,31 @@ function form_table($nextstage = WELCOME, $formaction = "install.php") {
             <tr>
                 <td class="td_left"><p><?php print_string('dbhost', 'install') ?></p></td>
                 <td class="td_right">
-                    <input type="text" size="40" name="dbhost" value="<?php echo $INSTALL['dbhost'] ?>" />
+                    <input type="text" size="40" name="dbhost" value="<?php p($INSTALL['dbhost']) ?>" />
                 </td>
             </tr>
             <tr>
                 <td class="td_left"><p><?php print_string('database', 'install') ?></p></td>
                 <td class="td_right">
-                    <input type="text" size="40" name="dbname" value="<?php echo $INSTALL['dbname'] ?>" />
+                    <input type="text" size="40" name="dbname" value="<?php p($INSTALL['dbname']) ?>" />
                 </td>
             </tr>
             <tr>
                 <td class="td_left"><p><?php print_string('user') ?></p></td>
                 <td class="td_right">
-                    <input type="text" size="40" name="dbuser" value="<?php echo $INSTALL['dbuser'] ?>" />
+                    <input type="text" size="40" name="dbuser" value="<?php p($INSTALL['dbuser']) ?>" />
                 </td>
             </tr>
             <tr>
                 <td class="td_left"><p><?php print_string('password') ?></p></td>
                 <td class="td_right">
-                    <input type="password" size="40" name="dbpass" value="<?php echo $INSTALL['dbpass'] ?>" />
+                    <input type="password" size="40" name="dbpass" value="<?php p($INSTALL['dbpass']) ?>" />
                 </td>
             </tr>
             <tr>
                 <td class="td_left"><p><?php print_string('dbprefix', 'install') ?></p></td>
                 <td class="td_right">
-                    <input type="text" size="40" name="prefix" value="<?php echo $INSTALL['prefix'] ?>" />
+                    <input type="text" size="40" name="prefix" value="<?php p($INSTALL['prefix']) ?>" />
                 </td>
             </tr>
 
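Review bot: The `dbpass` row still writes the stored database password into the page: `value="<?php p($INSTALL['dbpass']) ?>"` escapes the value, but the secret is still sent back to the browser and stays in the page source and any cached copy. I would render that field empty, `<input type="password" size="40" name="dbpass" value="" />`, and have the form handler keep the stored password when the field is submitted blank; that handler is outside this hunk. `p()` is not defined in the visible lines, so its escaping of double quotes for these double-quoted attributes is assumed here and should be confirmed. `form_table()` starts and ends outside the hunk.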
@@ -859,7 +860,7 @@ function form_table($nextstage = WELCOME, $formaction = "install.php") {
             <tr>
                 <td class="td_left"><p><?php print_string('admindirname', 'install') ?></p></td>
                 <td class="td_right">
-                    <input type="text" size="40" name="admindirname" value="<?php echo $INSTALL['admindirname'] ?>" />
+                    <input type="text" size="40" name="admindirname" value="<?php p($INSTALL['admindirname']) ?>" />
                 </td>
             </tr>