From 2f439c93063aa5f70fe558c5a3a9ea9a2f486d06 Mon Sep 17 00:00:00 2001 From: ryan Date: Sun, 20 Nov 2005 07:40:17 +0000 Subject: [PATCH] stripslashes() from admin email and weblog title since update_option() takes care of escaping them. fixes #1919 git-svn-id: http://svn.automattic.com/wordpress/trunk@3173 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/install.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/wp-admin/install.php b/wp-admin/install.php index 24ebf6f732..c8d3ed9604 100644 --- a/wp-admin/install.php +++ b/wp-admin/install.php @@ -119,8 +119,8 @@ switch($step) { case 2: // Fill in the data we gathered -$weblog_title = $_POST['weblog_title']; -$admin_email = $_POST['admin_email']; +$weblog_title = stripslashes($_POST['weblog_title']); +$admin_email = stripslashes($_POST['admin_email']); // check e-mail address if (empty($admin_email)) { die (__("ERROR: please type your e-mail address")); @@ -181,7 +181,7 @@ $wpdb->query("INSERT INTO $wpdb->usermeta (user_id, meta_key, meta_value) VALUES $admin_caps = serialize(array('administrator' => true)); $wpdb->query("INSERT INTO $wpdb->usermeta (user_id, meta_key, meta_value) VALUES ({$wpdb->insert_id}, '{$table_prefix}capabilities', '{$admin_caps}');"); -$message_headers = 'From: ' . stripslashes($_POST['weblog_title']) . ' '; +$message_headers = 'From: ' . $weblog_title . ' '; $message = sprintf(__("Your new WordPress blog has been successfully set up at: %1\$s