From dd1637ec7d91e202a715ac83f8cf5cc7142f710c Mon Sep 17 00:00:00 2001
From: wpmuguru <wpmuguru@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Mon, 5 Apr 2010 03:12:54 +0000
Subject: [PATCH] fix validation on dashboard site in ms-options, fixes #12831

git-svn-id: http://svn.automattic.com/wordpress/trunk@14004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/ms-edit.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/wp-admin/ms-edit.php b/wp-admin/ms-edit.php
index 80ee15925..522847120 100644
--- a/wp-admin/ms-edit.php
+++ b/wp-admin/ms-edit.php
@@ -77,8 +77,8 @@ switch ( $_GET['action'] ) {
 		if ( trim( $_POST['dashboard_blog'] ) == '' ) {
 			$_POST['dashboard_blog'] = $current_site->blog_id;
 			$dashboard_blog_id = $current_site->blog_id;
-		} else {
-			$dashboard_blog = untrailingslashit( sanitize_user( str_replace( '.', '', str_replace( $current_site->domain . $current_site->path, '', $_POST['dashboard_blog'] ) ) ) );
+		} elseif ( ! preg_match( '/(--|\.)/', $_POST['dashboard_blog'] ) && preg_match( '|^([a-zA-Z0-9-\.])+$|', $_POST['dashboard_blog'] ) ) {
+			$dashboard_blog = $_POST['dashboard_blog'];
 			$blog_details = get_blog_details( $dashboard_blog );
 			if ( false === $blog_details ) {
 				if ( is_numeric( $dashboard_blog ) )