Project

General

Profile

« Previous | Next » 

Revision 721

Added by doc almost 17 years ago

restricted database name and table prefix to "a-zA-Z0-9_" (avoid problems with non quoted table/field names)

View differences:

index.php
283 283 
						World-writeable file permissions (777)
284 284 
					</label>
285 285 
					<br />
286 
					<font class="note">(Please note: this is only recommended for testing environments)</font>
286 
					<font class="note">(Please note: only recommended for testing environments)</font>
287 287 
				</div>
288 288 
			</td>
289 289 
		</tr>
......
304 304 
			</td>
305 305 
		</tr>
306 306 
		<tr>
307 
			<td style="color: #666666;">Database Name:</td>
307 
			<td style="color: #666666;">Database Name:<br />[a-zA-Z0-9_]</td>
308 308 
			<td>
309 309 
				<input <?php echo field_error('database_name');?> type="text" tabindex="8" name="database_name" style="width: 98%;" value="<?php if(isset($_SESSION['database_name'])) { echo $_SESSION['database_name']; } else { echo 'wb'; } ?>" />
310 310 
			</td>
......
315 315 
			</td>
316 316 
		</tr>
317 317 
		<tr>
318 
			<td style="color: #666666;">Table Prefix:</td>
318 
			<td style="color: #666666;">Table Prefix:<br />[a-zA-Z0-9_]</td>
319 319 
			<td>
320 
				<input type="text" tabindex="11" name="table_prefix" style="width: 250px;"<?php if(isset($_SESSION['table_prefix'])) { echo ' value = "'.$_SESSION['table_prefix'].'"'; } ?> />
320 
				<input <?php echo field_error('table_prefix');?> type="text" tabindex="11" name="table_prefix" style="width: 250px;"<?php if(isset($_SESSION['table_prefix'])) { echo ' value = "'.$_SESSION['table_prefix'].'"'; } ?> />
321 321 
			</td>
322 322 
			<td>&nbsp;</td>
323 323 
			<td colspan="2">
324 324 
				<input type="checkbox" tabindex="12" name="install_tables" id="install_tables" value="true"<?php if(!isset($_SESSION['install_tables'])) { echo ' checked'; } elseif($_SESSION['install_tables'] == 'true') { echo ' checked'; } ?> />
325 325 
				<label for="install_tables" style="color: #666666;">Install Tables</label>
326 
				<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
326 
				<br />
327 327 
				<span style="font-size: 10px; color: #666666;">(Please note: May remove existing tables and data)</span></td>
328 328 
			</td>
329 329 
		</tr>

Also available in: Unified diff