stripslashes() from admin email and weblog title since update_option() takes care of escaping them. fixes #1919

git-svn-id: http://svn.automattic.com/wordpress/trunk@3173 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2005-11-20 07:40:17 +00:00
parent 6cc1deb00c
commit 2f439c9306
1 changed files with 3 additions and 3 deletions

View File

@ -119,8 +119,8 @@ switch($step) {
case 2:
// Fill in the data we gathered
$weblog_title = $_POST['weblog_title'];
$admin_email = $_POST['admin_email'];
$weblog_title = stripslashes($_POST['weblog_title']);
$admin_email = stripslashes($_POST['admin_email']);
// check e-mail address
if (empty($admin_email)) {
die (__("<strong>ERROR</strong>: please type your e-mail address"));
@ -181,7 +181,7 @@ $wpdb->query("INSERT INTO $wpdb->usermeta (user_id, meta_key, meta_value) VALUES
$admin_caps = serialize(array('administrator' => true));
$wpdb->query("INSERT INTO $wpdb->usermeta (user_id, meta_key, meta_value) VALUES ({$wpdb->insert_id}, '{$table_prefix}capabilities', '{$admin_caps}');");
$message_headers = 'From: ' . stripslashes($_POST['weblog_title']) . ' <wordpress@' . $_SERVER['SERVER_NAME'] . '>';
$message_headers = 'From: ' . $weblog_title . ' <wordpress@' . $_SERVER['SERVER_NAME'] . '>';
$message = sprintf(__("Your new WordPress blog has been successfully set up at:
%1\$s