aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--actions/systemsettings/install.php3
-rw-r--r--engine/lib/input.php7
2 files changed, 6 insertions, 4 deletions
diff --git a/actions/systemsettings/install.php b/actions/systemsettings/install.php
index 41a2a8b22..c4f563beb 100644
--- a/actions/systemsettings/install.php
+++ b/actions/systemsettings/install.php
@@ -22,6 +22,7 @@ if (get_input('settings') == 'go') {
// Sanitise
$path = sanitise_filepath(get_input('path'));
$dataroot = sanitise_filepath(get_input('dataroot'));
+ $url = sanitise_filepath(get_input('wwwroot'));
// Blank?
if ($dataroot == "/") {
@@ -40,7 +41,7 @@ if (get_input('settings') == 'go') {
$site = new ElggSite();
$site->name = get_input('sitename');
- $site->url = get_input('wwwroot');
+ $site->url = $url;
$site->description = get_input('sitedescription');
$site->email = get_input('siteemail');
$site->access_id = ACCESS_PUBLIC;
diff --git a/engine/lib/input.php b/engine/lib/input.php
index abc2d6811..f59061312 100644
--- a/engine/lib/input.php
+++ b/engine/lib/input.php
@@ -14,7 +14,7 @@
*
* Note: this function does not handle nested arrays (ex: form input of param[m][n])
* because of the filtering done in htmlawed from the filter_tags call.
- *
+ *
* @param $variable string The variable we want to return.
* @param $default mixed A default value for the variable if it is not found.
* @param $filter_result If true then the result is filtered for bad tags.
@@ -52,7 +52,7 @@ function get_input($variable, $default = "", $filter_result = true) {
/**
* Sets an input value that may later be retrieved by get_input
- *
+ *
* Note: this function does not handle nested arrays (ex: form input of param[m][n])
*
* @param string $variable The name of the variable
@@ -96,7 +96,8 @@ function sanitise_filepath($path) {
// Sort trailing slash
$path = trim($path);
- $path = rtrim($path, " /");
+ // rtrim defaults plus /
+ $path = rtrim($path, " \n\t\0\x0B/");
$path = $path . "/";
return $path;