Installation script does not sanitize inputs

GoogleCodeExporter commented 9 years ago

What steps will reproduce the problem?
1. Run the installation script, entering a site name containing a ' character
2. Complete installation, navigate to root URL

What is the expected output? What do you see instead?
Expected; front page
Get; Internal Server Error (500)

What version of the product are you using? On what operating system?
2.4.2. Debian 6.

Please provide any additional information below.
Caused by lack of sanitization of config file during install script; simple 
fix, addslashes() would do the trick.

Original issue reported on code.google.com by andrew.d...@gmail.com on 31 Jan 2012 at 5:42

GoogleCodeExporter commented 9 years ago

Thanks, will keep this in mind for next version.

Original comment by he...@phurlproject.org on 28 May 2012 at 11:41

Changed state: Fixed-but-not-released

GoogleCodeExporter commented 9 years ago

Original comment by he...@phurlproject.org on 29 May 2012 at 11:30

Changed state: Fixed

iczc / phurl

Installation script does not sanitize inputs #132