aboutsummaryrefslogtreecommitdiffstats
path: root/install.php
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2016-03-04 15:26:16 +0100
committerplegall <plg@piwigo.org>2016-03-04 15:26:16 +0100
commite2bf31e482923836120c9abcd38767e5693ac28d (patch)
tree581943e13d08a4d7404503b04e3a4181a253d838 /install.php
parent91276709b4d332ea8133a8b471fae5b45488195e (diff)
bug fixed, escape language string before insert
Diffstat (limited to 'install.php')
-rw-r--r--install.php8
1 files changed, 6 insertions, 2 deletions
diff --git a/install.php b/install.php
index 579b1a431..475cf70f0 100644
--- a/install.php
+++ b/install.php
@@ -348,8 +348,12 @@ INSERT INTO '.$prefixeTable.'config (param,value,comment)
pwg_query($query);
conf_update_param('piwigo_db_version', get_branch_from_version(PHPWG_VERSION));
- conf_update_param('gallery_title', l10n('Just another Piwigo gallery'));
- conf_update_param('page_banner', '<h1>%gallery_title%</h1>'."\n\n<p>".l10n('Welcome to my photo gallery').'</p>');
+ conf_update_param('gallery_title', pwg_db_real_escape_string(l10n('Just another Piwigo gallery')));
+
+ conf_update_param(
+ 'page_banner',
+ '<h1>%gallery_title%</h1>'."\n\n<p>".pwg_db_real_escape_string(l10n('Welcome to my photo gallery')).'</p>'
+ );
// fill languages table
foreach ($languages->fs_languages as $language_code => $fs_language)