install.php
changeset 239 0f1b353570a7
parent 238 a78537db2850
child 240 f0149a27df5f
--- a/install.php	Tue Nov 06 10:53:33 2007 -0500
+++ b/install.php	Tue Nov 06 11:10:18 2007 -0500
@@ -179,12 +179,16 @@
   if ( $act_get )
     return $conn;
   
-  $db_user = mysql_real_escape_string($_POST['db_user']);
-  $db_pass = mysql_real_escape_string($_POST['db_pass']);
-  $db_name = mysql_real_escape_string($_POST['db_name']);
+  $db_user =& $_POST['db_user'];
+  $db_pass =& $_POST['db_pass'];
+  $db_name =& $_POST['db_name'];
   
   if ( !preg_match('/^[a-z0-9_]+$/', $db_name) )
-    die("<p>SECURITY: malformed database name</p>");
+  {
+    die('<pre>' . htmlspecialchars(print_r($_POST, true)) . '</pre>');
+    $db_name = htmlspecialchars($db_name);
+    die("<p>SECURITY: malformed database name \"$db_name\"</p>");
+  }
   
   // First, try to connect using the normal credentials
   $conn = @mysql_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass']);
@@ -199,6 +203,9 @@
         // Couldn't connect using either set of credentials. Bail out.
         return false;
       }
+      unset($db_user, $db_pass);
+      $db_user = mysql_real_escape_string($_POST['db_user']);
+      $db_pass = mysql_real_escape_string($_POST['db_pass']);
       // Create the user account
       $q = @mysql_query("GRANT ALL PRIVILEGES ON test.* TO '{$db_user}'@'localhost' IDENTIFIED BY '$db_pass' WITH GRANT OPTION;", $conn_root);
       if ( !$q )
@@ -248,6 +255,9 @@
         // this really should never fail, so don't give any tolerance to it
         return false;
       }
+      unset($db_user, $db_pass);
+      $db_user = mysql_real_escape_string($_POST['db_user']);
+      $db_pass = mysql_real_escape_string($_POST['db_pass']);
       // we're in with root rights; grant access to the database
       $q = @mysql_query("GRANT ALL PRIVILEGES ON $db_name.* TO '{$db_user}'@'localhost';", $conn_root);
       if ( !$q )