X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=install%2Findex.php;h=17a134f03de6cc1318dc0974ea6a904b4f0c5370;hb=dcfd8d522ab67d9715d7191cf72148dcce70d42a;hp=d0f7f0bada79cb08e275c22fdcf42b56affb7edf;hpb=9abe721606f5f0decb1cd830a4ff0cb9a4087c1c;p=civicrm-core.git

diff --git a/install/index.php b/install/index.php
index d0f7f0bada..17a134f03d 100644
--- a/install/index.php
+++ b/install/index.php
@@ -394,6 +394,18 @@ class InstallRequirements {
             ts("An auto_increment_increment value greater than 1 is not currently supported. Please see issue CRM-7923 for further details and potential workaround."),
           )
         );
+        $testDetails = array(
+          ts("MySQL %1 Configuration", array(1 => $dbName)),
+          ts("Is the provided database name valid?"),
+          ts("The database name provided is not valid. Please use only 0-9, a-z, A-Z and _ as characters in the name."),
+        );
+        if (!CRM_Core_DAO::requireValidDBName($databaseConfig['database'])) {
+          $this->error($testDetails);
+          return FALSE;
+        }
+        else {
+          $this->testing($testDetails);
+        }
         $this->requireMySQLThreadStack($databaseConfig['server'],
           $databaseConfig['username'],
           $databaseConfig['password'],
@@ -733,10 +745,14 @@ class InstallRequirements {
     $aboveMinVersion = version_compare($phpVersion, $minVersion) >= 0;
     $belowMaxVersion = $maxVersion ? version_compare($phpVersion, $maxVersion) < 0 : TRUE;
 
-    if ($maxVersion && $aboveMinVersion && $belowMaxVersion) {
-      return TRUE;
-    }
-    elseif (!$maxVersion && $aboveMinVersion) {
+    if ($aboveMinVersion && $belowMaxVersion) {
+      if (version_compare(phpversion(), CRM_Upgrade_Incremental_General::MIN_RECOMMENDED_PHP_VER) < 0) {
+        $testDetails[2] = ts('This webserver is running an outdated version of PHP (%1). It is strongly recommended to upgrade to PHP %2 or later, as older versions can present a security risk.', array(
+          1 => phpversion(),
+          2 => CRM_Upgrade_Incremental_General::MIN_RECOMMENDED_PHP_VER,
+        ));
+        $this->warning($testDetails);
+      }
       return TRUE;
     }
 
@@ -1155,7 +1171,8 @@ class InstallRequirements {
       return;
     }
     else {
-      if (@mysql_query("CREATE DATABASE $database")) {
+      $query = sprintf("CREATE DATABASE %s", mysql_real_escape_string($database));
+      if (@mysql_query($query)) {
         $okay = ts("Able to create a new database.");
       }
       else {
@@ -1287,8 +1304,8 @@ class Installer extends InstallRequirements {
       // skip if database already present
       return;
     }
-
-    if (@mysql_query("CREATE DATABASE $database")) {
+    $query = sprintf("CREATE DATABASE %s", mysql_real_escape_string($database));
+    if (@mysql_query($query)) {
     }
     else {
       $errorTitle = ts("Oops! Could not create database %1", array(1 => $database));