More fixes when installer generates config file.
* Use single quotes in config.php when when defining database values so PHP doesn't interpret `$` as a variable (mostly for the password constant). * Use `addcslashes` instead of `addslashes` and only escape backslash and single quotes. * Do not convert DB_PORT to integer if leaving it blank (the default).
This commit is contained in:
parent
11a9d3bd9b
commit
9c3cf60592
|
@ -3,11 +3,11 @@
|
||||||
// *** Database configuration (important!) ***
|
// *** Database configuration (important!) ***
|
||||||
// *******************************************
|
// *******************************************
|
||||||
|
|
||||||
define('DB_TYPE', "%DB_TYPE"); // pgsql or mysql
|
define('DB_TYPE', '%DB_TYPE'); // pgsql or mysql
|
||||||
define('DB_HOST', "%DB_HOST");
|
define('DB_HOST', '%DB_HOST');
|
||||||
define('DB_USER', "%DB_USER");
|
define('DB_USER', '%DB_USER');
|
||||||
define('DB_NAME', "%DB_NAME");
|
define('DB_NAME', '%DB_NAME');
|
||||||
define('DB_PASS', "%DB_PASS");
|
define('DB_PASS', '%DB_PASS');
|
||||||
define('DB_PORT', '%DB_PORT'); // usually 5432 for PostgreSQL, 3306 for MySQL
|
define('DB_PORT', '%DB_PORT'); // usually 5432 for PostgreSQL, 3306 for MySQL
|
||||||
|
|
||||||
define('MYSQL_CHARSET', 'UTF8');
|
define('MYSQL_CHARSET', 'UTF8');
|
||||||
|
|
|
@ -153,14 +153,16 @@
|
||||||
|
|
||||||
$rv = file_get_contents("../config.php-dist");
|
$rv = file_get_contents("../config.php-dist");
|
||||||
|
|
||||||
|
$escape_chars = "\\'";
|
||||||
|
|
||||||
$settings = [
|
$settings = [
|
||||||
"%DB_TYPE" => $DB_TYPE == 'pgsql' ? 'pgsql' : 'mysql',
|
"%DB_TYPE" => $DB_TYPE == 'pgsql' ? 'pgsql' : 'mysql',
|
||||||
"%DB_HOST" => addslashes($DB_HOST),
|
"%DB_HOST" => addcslashes($DB_HOST, $escape_chars),
|
||||||
"%DB_USER" => addslashes($DB_USER),
|
"%DB_USER" => addcslashes($DB_USER, $escape_chars),
|
||||||
"%DB_NAME" => addslashes($DB_NAME),
|
"%DB_NAME" => addcslashes($DB_NAME, $escape_chars),
|
||||||
"%DB_PASS" => addslashes($DB_PASS),
|
"%DB_PASS" => addcslashes($DB_PASS, $escape_chars),
|
||||||
"%DB_PORT" => intval($DB_PORT),
|
"%DB_PORT" => $DB_PORT ? intval($DB_PORT) : '',
|
||||||
"%SELF_URL_PATH" => addslashes($SELF_URL_PATH)
|
"%SELF_URL_PATH" => addcslashes($SELF_URL_PATH, $escape_chars)
|
||||||
];
|
];
|
||||||
|
|
||||||
$rv = str_replace(array_keys($settings), array_values($settings), $rv);
|
$rv = str_replace(array_keys($settings), array_values($settings), $rv);
|
||||||
|
|
Loading…
Reference in New Issue