From 2d028e668fd4c4669d67514d0a33be2b8e3c2abe Mon Sep 17 00:00:00 2001
From: Ron Rennick <wpmuguru@git.wordpress.org>
Date: Mon, 5 Apr 2010 03:12:54 +0000
Subject: [PATCH] fix validation on dashboard site in ms-options, fixes #12831

git-svn-id: https://develop.svn.wordpress.org/trunk@14004 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/ms-edit.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/wp-admin/ms-edit.php b/wp-admin/ms-edit.php
index 80ee159252..522847120a 100644
--- a/wp-admin/ms-edit.php
+++ b/wp-admin/ms-edit.php
@@ -77,8 +77,8 @@ switch ( $_GET['action'] ) {
 		if ( trim( $_POST['dashboard_blog'] ) == '' ) {
 			$_POST['dashboard_blog'] = $current_site->blog_id;
 			$dashboard_blog_id = $current_site->blog_id;
-		} else {
-			$dashboard_blog = untrailingslashit( sanitize_user( str_replace( '.', '', str_replace( $current_site->domain . $current_site->path, '', $_POST['dashboard_blog'] ) ) ) );
+		} elseif ( ! preg_match( '/(--|\.)/', $_POST['dashboard_blog'] ) && preg_match( '|^([a-zA-Z0-9-\.])+$|', $_POST['dashboard_blog'] ) ) {
+			$dashboard_blog = $_POST['dashboard_blog'];
 			$blog_details = get_blog_details( $dashboard_blog );
 			if ( false === $blog_details ) {
 				if ( is_numeric( $dashboard_blog ) )