Diffstat (limited to 'install')
-rw-r--r--install/ElggInstaller.php14
-rw-r--r--install/cli/sample_installer.php40
-rw-r--r--install/languages/en.php3
3 files changed, 35 insertions, 22 deletions
diff --git a/install/ElggInstaller.php b/install/ElggInstaller.php
index 775bbf5b6..78cdde90f 100644
--- a/install/ElggInstaller.php
+++ b/install/ElggInstaller.php
@@ -1148,11 +1148,21 @@ class ElggInstaller {
foreach ($formVars as $field => $info) {
if ($info['required'] == TRUE && !$submissionVars[$field]) {
$name = elgg_echo("install:database:label:$field");
- register_error("$name is required");
+ register_error(elgg_echo('install:error:requiredfield', array($name)));
return FALSE;
}
}
+ // according to postgres documentation: SQL identifiers and key words must
+ // begin with a letter (a-z, but also letters with diacritical marks and
+ // non-Latin letters) or an underscore (_). Subsequent characters in an
+ // identifier or key word can be letters, underscores, digits (0-9), or dollar signs ($).
+ // Refs #4994
+ if (!preg_match("/^[a-zA-Z_][\w]*$/", $submissionVars['dbprefix'])) {
+ register_error(elgg_echo('install:error:database_prefix'));
+ return FALSE;
+ }
+
return $this->checkDatabaseSettings(
$submissionVars['dbuser'],
$submissionVars['dbpassword'],
@@ -1404,7 +1414,7 @@ class ElggInstaller {
$submissionVars['wwwroot'] = sanitise_filepath($submissionVars['wwwroot']);
$site = new ElggSite();
- $site->name = $submissionVars['sitename'];
+ $site->name = strip_tags($submissionVars['sitename']);
$site->url = $submissionVars['wwwroot'];
$site->access_id = ACCESS_PUBLIC;
$site->email = $submissionVars['siteemail'];
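Review bot: `strip_tags()` on `$submissionVars['sitename']` removes markup but leaves quotes and ampersands untouched, so the stored name is not safe for attribute or script contexts and still has to be escaped wherever it is rendered. A comment on that line would stop later readers treating it as the output encoding, e.g. `// strip_tags() only drops markup; escape the name for its output context when rendering`. The neighbouring `siteemail` is stored unchanged in the visible lines; whether it is validated elsewhere cannot be seen from this hunk. The method starts and ends outside the hunk.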
diff --git a/install/cli/sample_installer.php b/install/cli/sample_installer.php
index 0bae0cd23..a51f9aae4 100644
--- a/install/cli/sample_installer.php
+++ b/install/cli/sample_installer.php
@@ -1,28 +1,12 @@
<?php
+
/**
* Sample cli installer script
*/
+// change to true to run this script. Change back to false when done.
$enabled = false;
-// Do not edit below this line. //////////////////////////////
-
-
-if (!$enabled) {
- echo "To enable this script, change \$enabled to true.\n";
- echo "You *must* disable this script after a successful installation.\n";
- exit;
-}
-
-if (PHP_SAPI !== 'cli') {
- echo "You must use the command line to run this script.";
- exit;
-}
-
-require_once(dirname(dirname(__FILE__)) . "/ElggInstaller.php");
-
-$installer = new ElggInstaller();
-
// none of the following may be empty
$params = array(
// database parameters
@@ -43,11 +27,29 @@ $params = array(
'password' => '',
);
+
+// Do not edit below this line. //////////////////////////////
+
+
+if (!$enabled) {
+ echo "To enable this script, change \$enabled to true.\n";
+ echo "You *must* disable this script after a successful installation.\n";
+ exit;
+}
+
+if (PHP_SAPI !== 'cli') {
+ echo "You must use the command line to run this script.";
+ exit;
+}
+
+require_once(dirname(dirname(__FILE__)) . "/ElggInstaller.php");
+
+$installer = new ElggInstaller();
+
// install and create the .htaccess file
$installer->batchInstall($params, TRUE);
// at this point installation has completed (otherwise an exception halted execution).
-
// try to rewrite the script to disable it.
if (is_writable(__FILE__)) {
$code = file_get_contents(__FILE__);
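Review bot: Both refusal paths in the relocated guard end with a bare `exit;`, which returns status 0, so a provisioning script that calls this installer cannot tell a refused run from a successful one; `exit(1);` in the `!$enabled` and `PHP_SAPI !== 'cli'` branches would make the refusal detectable. The `PHP_SAPI` message also lacks the trailing `\n` that the two messages above it have. `$params` appears to carry credentials (a `'password'` key is visible), and the self-disable rewrite that begins at `if (is_writable(__FILE__))` continues outside the hunk, so it is not visible whether it clears them; a comment such as `// remove the passwords from $params once installation has completed` next to the `$enabled` note would cover that.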
diff --git a/install/languages/en.php b/install/languages/en.php
index b2583fbc9..531379b1e 100644
--- a/install/languages/en.php
+++ b/install/languages/en.php
@@ -124,6 +124,7 @@ If you are ready to proceed, click the Next button.",
'install:error:htaccess' => 'Unable to create an .htaccess',
'install:error:settings' => 'Unable to create the settings file',
'install:error:databasesettings' => 'Unable to connect to the database with these settings.',
+ 'install:error:database_prefix' => 'Invalid characters in database prefix',
'install:error:oldmysql' => 'MySQL must be version 5.0 or above. Your server is using %s.',
'install:error:nodatabase' => 'Unable to use database %s. It may not exist.',
'install:error:cannotloadtables' => 'Cannot load the database tables',
@@ -131,7 +132,7 @@ If you are ready to proceed, click the Next button.",
'install:error:readsettingsphp' => 'Unable to read engine/settings.example.php',
'install:error:writesettingphp' => 'Unable to write engine/settings.php',
'install:error:requiredfield' => '%s is required',
- 'install:error:relative_path' => 'We don\'t think "%s" is an absoluate path for your data directory',
+ 'install:error:relative_path' => 'We don\'t think "%s" is an absolute path for your data directory',
'install:error:datadirectoryexists' => 'Your data directory %s does not exist.',
'install:error:writedatadirectory' => 'Your data directory %s is not writable by the web server.',
'install:error:locationdatadirectory' => 'Your data directory %s must be outside of your install path for security.',