Index: wp-admin/setup-config.php
===================================================================
--- wp-admin/setup-config.php	(revision 18542)
+++ wp-admin/setup-config.php	(working copy)
@@ -155,12 +155,15 @@
 	$passwrd = trim($_POST['pwd']);
 	$dbhost  = trim($_POST['dbhost']);
 	$prefix  = trim($_POST['prefix']);
+
+	$tryagain_link = '</p><p class="step"><a href="setup-config.php?step=1" onclick="javascript:history.go(-1);return false;" class="button">' . /*WP_I18N_ERROR_TRYAGAIN*/'Try Again'/*/WP_I18N_ERROR_TRYAGAIN*/ . '</a>';
+
+	// Validate $prefix: it can only contain letters, numbers and underscores
 	if ( empty($prefix) )
-		$prefix = 'wp_';
+		wp_die( /*WP_I18N_EMPTY_PREFIX*/'<strong>ERROR</strong>: "Table Prefix" must not be empty.'/*/WP_I18N_EMPTY_PREFIX*/ . $tryagain_link );
 
-	// Validate $prefix: it can only contain letters, numbers and underscores
 	if ( preg_match( '|[^a-z0-9_]|i', $prefix ) )
-		wp_die( /*WP_I18N_BAD_PREFIX*/'<strong>ERROR</strong>: "Table Prefix" can only contain numbers, letters, and underscores.'/*/WP_I18N_BAD_PREFIX*/ );
+		wp_die( /*WP_I18N_BAD_PREFIX*/'<strong>ERROR</strong>: "Table Prefix" can only contain numbers, letters, and underscores.'/*/WP_I18N_BAD_PREFIX*/ . $tryagain_link );
 
 	// Test the db connection.
 	/**#@+
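Review bot: `$tryagain_link` is an unbalanced HTML fragment: it opens with `</p>` and leaves `<p class="step">` unclosed, so it renders correctly only when appended to text that wp_die() has itself wrapped in a paragraph. That presumably holds for the two prefix errors here, but the same string is also appended to `$wpdb->error->get_error_message()` in the second hunk, where the removed `$back` was a self-contained `<p class="step">…</p>`, so the result there depends on how that message ends. A comment on the assignment would record the assumption, for example `// Fragment: closes the <p> wp_die() opens around the message; wp_die()'s own </p> ends the button paragraph.` Separately, `empty($prefix)` is also true for the string "0", which is then reported as empty; `'' === $prefix` would match the error text. The enclosing block starts and ends outside the hunk.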
@@ -174,10 +177,8 @@
 
 	// We'll fail here if the values are no good.
 	require_wp_db();
-	if ( ! empty( $wpdb->error ) ) {
-		$back = '<p class="step"><a href="setup-config.php?step=1" onclick="javascript:history.go(-1);return false;" class="button">Try Again</a></p>';
-		wp_die( $wpdb->error->get_error_message() . $back );
-	}
+	if ( ! empty( $wpdb->error ) )
+		wp_die( $wpdb->error->get_error_message() . $tryagain_link );
 
 	// Fetch or generate keys and salts.
 	$no_api = isset( $_POST['noapi'] );
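Review bot: The text returned by `$wpdb->error->get_error_message()` is concatenated into the HTML passed to `wp_die()` without escaping, both before and after this change. Where that message is built is not visible here; if it includes the submitted host, user name or database name, those values should be HTML-escaped at the point the message is assembled, since this form is reachable before the site is configured. A one-line comment above the call, such as `// Error message is emitted as HTML; it must already be escaped by wpdb.`, would make the expectation explicit.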
@@ -215,12 +216,15 @@
 	foreach ($configFile as $line_num => $line) {
 		switch (substr($line,0,16)) {
 			case "define('DB_NAME'":
+				$dbname = addcslashes($dbname, "\\'");
 				$configFile[$line_num] = str_replace("database_name_here", $dbname, $line);
 				break;
 			case "define('DB_USER'":
+				$uname = addcslashes($uname, "\\'");
 				$configFile[$line_num] = str_replace("'username_here'", "'$uname'", $line);
 				break;
 			case "define('DB_PASSW":
+				$passwrd = addcslashes($passwrd, "\\'");
 				$configFile[$line_num] = str_replace("'password_here'", "'$passwrd'", $line);
 				break;
 			case "define('DB_HOST'":
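Review bot: The escaping overwrites `$dbname`, `$uname` and `$passwrd` inside the `foreach`, so a template with two lines sharing the same 16-character prefix would escape a value twice, and any code after the loop that reads these variables gets the escaped form rather than what was submitted. Escaping once before the loop into separate variables avoids both, e.g. `$dbname_esc = addcslashes( $dbname, "\\'" );` with `$dbname_esc` used in the `str_replace()` call. The `DB_HOST` case begins on the hunk's last line and its body is outside the hunk; if it substitutes `$dbhost` into a single-quoted literal the same way, it needs the same treatment. A short comment such as `// Escape \ and ' so the value cannot end the single-quoted string written to wp-config.php` would explain why the calls are there.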
