<?php
/*
* Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2009 The Nucleus Group
+ * Copyright (C) 2002-2012 The Nucleus Group
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
*/
/**
* @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2009 The Nucleus Group
- * @version $Id: upgrade2.0.php 1388 2009-07-18 06:31:28Z shizuki $
+ * @copyright Copyright (C) 2002-2012 The Nucleus Group
+ * @version $Id: upgrade2.0.php 1889 2012-06-17 08:46:45Z sakamocchi $
*/
function upgrade_do200() {
// add SkinsURL setting
if (!upgrade_checkIfCVExists('SkinsURL')) {
$skinsurl = str_replace('/media/','/skins/',$CONF['MediaURL']);
- $query = 'INSERT INTO '.sql_table('config')." VALUES ('SkinsURL', '".addslashes($skinsurl)."');";
+ $query = 'INSERT INTO '.sql_table('config')." VALUES ('SkinsURL', ".DB::quoteValue($skinsurl).');';
upgrade_query("Adding setting SkinsURL",$query);
}
// add ActionURL setting
if (!upgrade_checkIfCVExists('ActionURL')) {
$actionurl = str_replace('/media/','/action.php',$CONF['MediaURL']);
- $query = 'INSERT INTO '.sql_table('config')." VALUES ('ActionURL', '".addslashes($actionurl)."');";
+ $query = 'INSERT INTO '.sql_table('config')." VALUES ('ActionURL', ".DB::quoteValue($actionurl).');';
upgrade_query("Adding setting ActionURL",$query);
}