From e2bf31e482923836120c9abcd38767e5693ac28d Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Fri, 4 Mar 2016 15:26:16 +0100
Subject: bug fixed, escape language string before insert

---
 install.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/install.php b/install.php
index 579b1a431..475cf70f0 100644
--- a/install.php
+++ b/install.php
@@ -348,8 +348,12 @@ INSERT INTO '.$prefixeTable.'config (param,value,comment)
     pwg_query($query);
 
     conf_update_param('piwigo_db_version', get_branch_from_version(PHPWG_VERSION));
-    conf_update_param('gallery_title', l10n('Just another Piwigo gallery'));
-    conf_update_param('page_banner', '<h1>%gallery_title%</h1>'."\n\n<p>".l10n('Welcome to my photo gallery').'</p>');
+    conf_update_param('gallery_title', pwg_db_real_escape_string(l10n('Just another Piwigo gallery')));
+
+    conf_update_param(
+      'page_banner',
+      '<h1>%gallery_title%</h1>'."\n\n<p>".pwg_db_real_escape_string(l10n('Welcome to my photo gallery')).'</p>'
+      );
 
     // fill languages table
     foreach ($languages->fs_languages as $language_code => $fs_language)
-- 
cgit v1.2.3