projects / civicrm-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4d94cb1)
CRM-16617, used safe approach method to generate create database query
authorPradeep Nayak <pradpnayak@gmail.com>
Mon, 24 Aug 2015 21:15:29 +0000 (02:45 +0530)
committerPradeep Nayak <pradpnayak@gmail.com>
Mon, 8 Feb 2016 15:01:53 +0000 (20:31 +0530)
----------------------------------------
* CRM-16617:
  https://issues.civicrm.org/jira/browse/CRM-16617

install/index.php patch | blob | blame | history

diff --git a/install/index.php b/install/index.php
index 0295b7c6f7d59da50709dbb19439c20baebfebc3..313a91d25feea7d2dab8a1503b2a6ca2d9a8c5db 100644 (file)
--- a/install/index.php
+++ b/install/index.php
@@ -1159,7 +1159,8 @@ class InstallRequirements {
       return;
     }
     else {
-      if (@mysql_query("CREATE DATABASE $database")) {
+      $query = sprintf("CREATE DATABASE %s", mysql_real_escape_string($database));
+      if (@mysql_query($query)) {
         $okay = ts("Able to create a new database.");
       }
       else {
@@ -1291,8 +1292,8 @@ class Installer extends InstallRequirements {
       // skip if database already present
       return;
     }
-
-    if (@mysql_query("CREATE DATABASE $database")) {
+    $query = sprintf("CREATE DATABASE %s", mysql_real_escape_string($database));
+    if (@mysql_query($query)) {
     }
     else {
       $errorTitle = ts("Oops! Could not create database %1", array(1 => $database));