From fdfb143267665831eefb644ebbb0845764852010 Mon Sep 17 00:00:00 2001 From: garvinhicking Date: Sat, 15 Apr 2006 17:46:42 +0000 Subject: [PATCH] Fix inserting random code into serendipity_config_local.inc.php as Admin. --- include/functions_installer.inc.php | 16 ++++++++-------- include/functions_rss.inc.php | 14 +++++++------- rss.php | 2 +- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/include/functions_installer.inc.php b/include/functions_installer.inc.php index 7b32f88..01281ae 100644 --- a/include/functions_installer.inc.php +++ b/include/functions_installer.inc.php @@ -100,17 +100,17 @@ function serendipity_updateLocalConfig($dbName, $dbPrefix, $dbHost, $dbUser, $db fwrite($configfp, "\t*/\n\n"); fwrite($configfp, "\t\$serendipity['versionInstalled'] = '{$serendipity['version']}';\n"); - fwrite($configfp, "\t\$serendipity['dbName'] = '{$dbName}';\n"); - fwrite($configfp, "\t\$serendipity['dbPrefix'] = '{$dbPrefix}';\n"); - fwrite($configfp, "\t\$serendipity['dbHost'] = '{$dbHost}';\n"); - fwrite($configfp, "\t\$serendipity['dbUser'] = '{$dbUser}';\n"); - fwrite($configfp, "\t\$serendipity['dbPass'] = '{$dbPass}';\n"); - fwrite($configfp, "\t\$serendipity['dbType'] = '{$dbType}';\n"); + fwrite($configfp, "\t\$serendipity['dbName'] = '" . addslashes($dbName) . "';\n"); + fwrite($configfp, "\t\$serendipity['dbPrefix'] = '" . addslashes($dbPrefix) . "';\n"); + fwrite($configfp, "\t\$serendipity['dbHost'] = '" . addslashes($dbHost) . "';\n"); + fwrite($configfp, "\t\$serendipity['dbUser'] = '" . addslashes($dbUser) . "';\n"); + fwrite($configfp, "\t\$serendipity['dbPass'] = '" . addslashes($dbPass) . "';\n"); + fwrite($configfp, "\t\$serendipity['dbType'] = '" . addslashes($dbType) . "';\n"); fwrite($configfp, "\t\$serendipity['dbPersistent'] = ". (serendipity_db_bool($dbPersistent) ? 'true' : 'false') .";\n"); if (is_array($privateVariables) && count($privateVariables) > 0) { foreach($privateVariables AS $p_idx => $p_val) { - fwrite($configfp, "\t\$serendipity['{$p_idx}'] = '{$p_val}';\n"); + fwrite($configfp, "\t\$serendipity['{$p_idx}'] = '" . addslashes($p_val) . "';\n"); } } @@ -1098,7 +1098,7 @@ function serendipity_check_rewrite($default) { ); return $default; } else { - fwrite($fp, 'ErrorDocument 404 ' . $serendipity_root . 'index.php'); + fwrite($fp, 'ErrorDocument 404 ' . addslashes($serendipity_root) . 'index.php'); fclose($fp); // Do a request on a nonexistant file to see, if our htaccess allows ErrorDocument diff --git a/include/functions_rss.inc.php b/include/functions_rss.inc.php index 12e5970..84ea52d 100644 --- a/include/functions_rss.inc.php +++ b/include/functions_rss.inc.php @@ -83,7 +83,7 @@ function serendipity_printEntries_rss(&$entries, $version, $comments = false, $f $cat['feed_category_name'] = serendipity_utf8_encode(htmlspecialchars($cat['category_name'])); } } - + // Prepare variables // 1. UTF8 encoding + htmlspecialchars. $entry['feed_title'] = serendipity_utf8_encode(htmlspecialchars($entry['title'])); @@ -106,28 +106,28 @@ function serendipity_printEntries_rss(&$entries, $version, $comments = false, $f case 'opml1.0': $entry_hook = 'frontend_display:opml-1.0:per_entry'; break; - + case '0.91': $entry_hook = 'frontend_display:rss-0.91:per_entry'; break; - + case '1.0': $entry_hook = 'frontend_display:rss-1.0:per_entry'; break; - + case '2.0': $entry_hook = 'frontend_display:rss-2.0:per_entry'; break; - + case 'atom0.3': $entry_hook = 'frontend_display:atom-0.3:per_entry'; break; - + case 'atom1.0': $entry_hook = 'frontend_display:atom-1.0:per_entry'; break; } - + serendipity_plugin_api::hook_event($entry_hook, $entry); $entry['per_entry_display_dat'] = $entry['display_dat']; } diff --git a/rss.php b/rss.php index 2bacf96..8078300 100644 --- a/rss.php +++ b/rss.php @@ -111,7 +111,7 @@ $metadata = array( 'language' => $serendipity['lang'], 'additional_fields' => array(), 'link' => $serendipity['baseURL'], - 'email' => $serendipity['email'], + 'email' => $serendipity['blogMail'], 'fullFeed' => false, 'showMail' => false, 'version' => $version -- 2.39.5