summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGELOG4
-rw-r--r--installer/rcube_install.php4
2 files changed, 7 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 5417a987f..038478325 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,10 @@
CHANGELOG RoundCube Webmail
---------------------------
+2008/05/05 (alec)
+----------
+- Installer: encode special characters in DB username/password (#1485042)
+
2008/05/02 (alec)
----------
- Updated MDB2 package to version 2.5.0b1
diff --git a/installer/rcube_install.php b/installer/rcube_install.php
index c4704a3a8..024046755 100644
--- a/installer/rcube_install.php
+++ b/installer/rcube_install.php
@@ -137,7 +137,9 @@ class rcube_install
if ($_POST['_dbtype'] == 'sqlite')
$value = sprintf('%s://%s?mode=0646', $_POST['_dbtype'], $_POST['_dbname']{0} == '/' ? '/' . $_POST['_dbname'] : $_POST['_dbname']);
else
- $value = sprintf('%s://%s:%s@%s/%s', $_POST['_dbtype'], $_POST['_dbuser'], $_POST['_dbpass'], $_POST['_dbhost'], $_POST['_dbname']);
+ $value = sprintf('%s://%s:%s@%s/%s', $_POST['_dbtype'],
+ rawurlencode($_POST['_dbuser']), rawurlencode($_POST['_dbpass']),
+ $_POST['_dbhost'], $_POST['_dbname']);
}
else if ($prop == 'smtp_auth_type' && $value == '0') {
$value = '';
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-13 17:59:48 +0000