From af205cb50af430b743fccd84475be15ce14fc84e Mon Sep 17 00:00:00 2001
From: Chris Cormack <chrisc@catalyst.net.nz>
Date: Sun, 27 Nov 2011 21:58:04 +1300
Subject: [PATCH] Bug 6629 : Follow up, sanitising in a couple more places

Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
---
 installer/install.pl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/installer/install.pl b/installer/install.pl
index 5b065e87b8..ae478b60a6 100755
--- a/installer/install.pl
+++ b/installer/install.pl
@@ -229,6 +229,7 @@ elsif ( $step && $step == 3 ) {
         # Framework Selection is achieved through checking boxes.
         my $langchoice = $query->param('fwklanguage');
         $langchoice = $query->cookie('KohaOpacLanguage') unless ($langchoice);
+	$langchoice =~ s/[^a-zA-Z_-]*//g;
         my $marcflavour = $query->param('marcflavour');
         if ($marcflavour){
             $installer->set_marcflavour_syspref($marcflavour);
@@ -266,6 +267,7 @@ elsif ( $step && $step == 3 ) {
         # Marcflavour Selection is achieved through radiobuttons.
         my $langchoice = $query->param('fwklanguage');
         $langchoice = $query->cookie('KohaOpacLanguage') unless ($langchoice);
+	$langchoice =~ s/[^a-zA-Z_-]*//g;
         my $dir =
           C4::Context->config('intranetdir') . "/installer/data/$info{dbms}/$langchoice/marcflavour";
         unless (opendir( MYDIR, $dir )) {
-- 
2.20.1