projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #7689 from eileenmcnaughton/CRM-17881
[civicrm-core.git] / install / index.php
diff --git a/install/index.php b/install/index.php
index 1cfaf0b35e755d271402777041a038bbd9714f56..2fb1d011413fa254c0c8688ebd40ecca45aaa947 100644 (file)
--- a/install/index.php
+++ b/install/index.php
@@ -174,9 +174,12 @@ global $tsLocale;
 $tsLocale = 'en_US';
 $seedLanguage = 'en_US';
 
-if (isset($_POST['seedLanguage']) and isset($langs[$_POST['seedLanguage']])) {
-  $seedLanguage = $_POST['seedLanguage'];
-  $tsLocale = $_POST['seedLanguage'];
+// CRM-16801 This validates that seedLanguage is valid by looking in $langs.
+// NB: the variable is initial a $_REQUEST for the initial page reload,
+// then becomes a $_POST when the installation form is submitted.
+if (isset($_REQUEST['seedLanguage']) and isset($langs[$_REQUEST['seedLanguage']])) {
+  $seedLanguage = $_REQUEST['seedLanguage'];
+  $tsLocale = $_REQUEST['seedLanguage'];
 }
 
 $config = CRM_Core_Config::singleton(FALSE);
@@ -207,7 +210,7 @@ elseif ($installType == 'wordpress') {
   $cmsPath = WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . 'civicrm';
   $upload_dir = wp_upload_dir();
   $files_dirname = $upload_dir['basedir'] . DIRECTORY_SEPARATOR . 'civicrm';
-  $wp_civi_settings = $upload_dir['basedir'] . DIRECTORY_SEPARATOR . 'civicrm' . DIRECTORY_SEPARATOR . 'civicrm.settingsphp';
+  $wp_civi_settings = $upload_dir['basedir'] . DIRECTORY_SEPARATOR . 'civicrm' . DIRECTORY_SEPARATOR . 'civicrm.settings.php';
   $wp_civi_settings_deprectated = CIVICRM_PLUGIN_DIR . 'civicrm.settings.php';
   if (file_exists($wp_civi_settings_deprectated)) {
     $alreadyInstalled = $wp_civi_settings_deprectated;