Merge branch 'skinnable-master'

[nucleus-jp/nucleus-next.git] / nucleus / upgrades / upgrade2.0.php

diff --git a/nucleus/upgrades/upgrade2.0.php b/nucleus/upgrades/upgrade2.0.php
index 4f1336e..da5f254 100644 (file)
--- a/nucleus/upgrades/upgrade2.0.php
+++ b/nucleus/upgrades/upgrade2.0.php
@@ -1,7 +1,7 @@
 <?php
 /*
  * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2009 The Nucleus Group
+ * Copyright (C) 2002-2012 The Nucleus Group
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
@@ -11,8 +11,8 @@
  */
 /**
  * @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2009 The Nucleus Group
- * @version $Id: upgrade2.0.php 1388 2009-07-18 06:31:28Z shizuki $
+ * @copyright Copyright (C) 2002-2012 The Nucleus Group
+ * @version $Id: upgrade2.0.php 1889 2012-06-17 08:46:45Z sakamocchi $
  */
 
 function upgrade_do200() {
@@ -55,14 +55,14 @@ function upgrade_do200() {
        // add SkinsURL setting
        if (!upgrade_checkIfCVExists('SkinsURL')) {
                $skinsurl = str_replace('/media/','/skins/',$CONF['MediaURL']);
-               $query = 'INSERT INTO '.sql_table('config')." VALUES ('SkinsURL', '".addslashes($skinsurl)."');";
+               $query = 'INSERT INTO '.sql_table('config')." VALUES ('SkinsURL', ".DB::quoteValue($skinsurl).');';
                upgrade_query("Adding setting SkinsURL",$query);
        }
 
        // add ActionURL setting
        if (!upgrade_checkIfCVExists('ActionURL')) {
                $actionurl = str_replace('/media/','/action.php',$CONF['MediaURL']);
-               $query = 'INSERT INTO '.sql_table('config')." VALUES ('ActionURL', '".addslashes($actionurl)."');";
+               $query = 'INSERT INTO '.sql_table('config')." VALUES ('ActionURL', ".DB::quoteValue($actionurl).');';
                upgrade_query("Adding setting ActionURL",$query);
        }