addslashes() is not quite correct for PHP double-quoted string literals.
Created an escapePhpString() function which should cover the right bits.
See http://www.php.net/manual/en/language.types.string.php#language.types.string.syntax.double
";
}
+function escapePhpString( $string ) {
+ return strtr( $string,
+ array(
+ "\n" => "\\n",
+ "\r" => "\\r",
+ "\t" => "\\t",
+ "\\" => "\\\\",
+ "\$" => "\\\$",
+ "\"" => "\\\""
+ ));
+}
+
function writeLocalSettings( $conf ) {
$conf->DBmysql4 = @$conf->DBmysql4 ? 'true' : 'false';
$conf->UseImageResize = $conf->UseImageResize ? 'true' : 'false';
}
# Add slashes to strings for double quoting
- $slconf = array_map( "addslashes", get_object_vars( $conf ) );
+ $slconf = array_map( "escapePhpString", get_object_vars( $conf ) );
$sep = (DIRECTORY_SEPARATOR == "\\") ? ";" : ":";