1 files changed, 23 insertions, 0 deletions
diff --git a/application/Updater.php b/application/Updater.php
index 31630ff5..db2144fe 100644
--- a/application/Updater.php
+++ b/application/Updater.php
@@ -191,6 +191,29 @@ class Updater
            return false;
        }
    }
+    /**
+     * Escape settings which have been manually escaped in every request in previous versions:
+     *   - general.title
+     *   - general.header_link
+     *   - extras.redirector
+     *
+     * @return bool true if the update is successful, false otherwise.
+     */
+    public function escapeUnescapedConfig()
+    {
+        $conf = ConfigManager::getInstance();
+        try {
+            $conf->set('general.title', escape($conf->get('general.title')));
+            $conf->set('general.header_link', escape($conf->get('general.header_link')));
+            $conf->set('extras.redirector', escape($conf->get('extras.redirector')));
+            $conf->write($this->isLoggedIn);
+        } catch (Exception $e) {
+            error_log($e->getMessage());
+            return false;
+        }
+        return true;
+    }
 }
 /**

diff --git a/application/Updater.php b/application/Updater.php index 31630ff5..db2144fe 100644 --- a/application/Updater.php +++ b/application/Updater.php
@@ -191,6 +191,29 @@ class Updater
191	return false;	191	return false;
192	}	192	}
193	}	193	}
		194
		195	/**
		196	* Escape settings which have been manually escaped in every request in previous versions:
		197	* - general.title
		198	* - general.header_link
		199	* - extras.redirector
		200	*
		201	* @return bool true if the update is successful, false otherwise.
		202	*/
		203	public function escapeUnescapedConfig()
		204	{
		205	$conf = ConfigManager::getInstance();
		206	try {
		207	$conf->set('general.title', escape($conf->get('general.title')));
		208	$conf->set('general.header_link', escape($conf->get('general.header_link')));
		209	$conf->set('extras.redirector', escape($conf->get('extras.redirector')));
		210	$conf->write($this->isLoggedIn);
		211	} catch (Exception $e) {
		212	error_log($e->getMessage());
		213	return false;
		214	}
		215	return true;
		216	}
194	}	217	}
195		218
196	/**	219	/**