From ed411b1607d7e70db6e620a4a82707bbe9d5da0a Mon Sep 17 00:00:00 2001
From: "Committo,Ergo:sum" <esj@rezo.net>
Date: Wed, 5 Aug 2009 09:15:38 +0000
Subject: [PATCH] =?UTF-8?q?[14349]=20en=20mieux:=20neutraliser=20les=20out?=
 =?UTF-8?q?ils=20XML=20en=20amont=20lorsque=20les=20acc=C3=A8s=20on=20d?=
 =?UTF-8?q?=C3=A9rogaoires.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ecrire/index.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/ecrire/index.php b/ecrire/index.php
index e9869e502d..21de9a6d03 100644
--- a/ecrire/index.php
+++ b/ecrire/index.php
@@ -26,14 +26,17 @@ include_spip('inc/cookie');
 
 $exec = _request('exec');
 $reinstall = _request('reinstall')?_request('reinstall'):($exec=='install'?'oui':NULL);
+
 //
-// Authentification, redefinissable
+// Les scripts d'insallation n'authentifient pas, forcement,
+// alors il faut blinder les variables d'URL
 //
 if (autoriser_sans_cookie($exec)) {
 	if (!isset($reinstall)) $reinstall = 'non';
+	set_request('transformer_xml');
 	$var_auth = true;
 } else {
-	// cette variable es reutilisee en fin de script
+	// Authentification, redefinissable
 	$auth = charger_fonction('auth', 'inc');
 	$var_auth = $auth();
 	if ($var_auth) { 
-- 
GitLab