From 7f179985b497053c59338667fe49c390aa626ab7 Mon Sep 17 00:00:00 2001
From: ArthurHoaro <arthur@hoa.ro>
Date: Mon, 30 May 2016 20:15:36 +0200
Subject: Remove remaining settings initialization in index.php

Except for those which require external data (timezone and $_SERVER).
---
 application/Updater.php | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'application/Updater.php')

diff --git a/application/Updater.php b/application/Updater.php
index 31630ff5..db2144fe 100644
--- a/application/Updater.php
+++ b/application/Updater.php
@@ -191,6 +191,29 @@ class Updater
             return false;
         }
     }
+
+    /**
+     * Escape settings which have been manually escaped in every request in previous versions:
+     *   - general.title
+     *   - general.header_link
+     *   - extras.redirector
+     *
+     * @return bool true if the update is successful, false otherwise.
+     */
+    public function escapeUnescapedConfig()
+    {
+        $conf = ConfigManager::getInstance();
+        try {
+            $conf->set('general.title', escape($conf->get('general.title')));
+            $conf->set('general.header_link', escape($conf->get('general.header_link')));
+            $conf->set('extras.redirector', escape($conf->get('extras.redirector')));
+            $conf->write($this->isLoggedIn);
+        } catch (Exception $e) {
+            error_log($e->getMessage());
+            return false;
+        }
+        return true;
+    }
 }
 
 /**
-- 
cgit v1.2.3