diff options
Diffstat (limited to 'phpBB/admin/admin_disallow.php')
| -rw-r--r-- | phpBB/admin/admin_disallow.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/admin/admin_disallow.php b/phpBB/admin/admin_disallow.php index 61da110417..e980e3feca 100644 --- a/phpBB/admin/admin_disallow.php +++ b/phpBB/admin/admin_disallow.php @@ -46,7 +46,7 @@ if( isset($HTTP_POST_VARS['add_name']) ) else { $sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username) - VALUES('" . $disallowed_user . "')"; + VALUES('" . str_replace("\'", "''", $disallowed_user) . "')"; $result = $db->sql_query( $sql ); if ( !$result ) { |