From 67fedede3887d97078862e9b58524dc71162ba24 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Thu, 23 Oct 2014 15:02:15 -0400
Subject: [PATCH] Fixed: FS#3712 - Client DB credentials not escaped

---
 install/dist/lib/fedora.lib.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/install/dist/lib/fedora.lib.php b/install/dist/lib/fedora.lib.php
index fdfd1a9..5dd1489 100644
--- a/install/dist/lib/fedora.lib.php
+++ b/install/dist/lib/fedora.lib.php
@@ -1292,7 +1292,7 @@
 		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mysql_clientdb.conf.master', "tpl/mysql_clientdb.conf.master");
 		$content = str_replace('{hostname}', $conf['mysql']['host'], $content);
 		$content = str_replace('{username}', $conf['mysql']['admin_user'], $content);
-		$content = str_replace('{password}', $conf['mysql']['admin_password'], $content);
+		$content = str_replace('{password}', addslashes($conf['mysql']['admin_password']), $content);
 		wf("$install_dir/server/lib/mysql_clientdb.conf", $content);
 		exec('chmod 600 '."$install_dir/server/lib/mysql_clientdb.conf");
 		exec('chown root:root '."$install_dir/server/lib/mysql_clientdb.conf");

--
Gitblit v1.9.1