From 631fb71118039b8a087fae854d4d8c114d176d5e Mon Sep 17 00:00:00 2001
From: "Paul S. Owen" <psotfx@users.sourceforge.net>
Date: Mon, 24 Dec 2001 13:05:00 +0000
Subject: Updates for the \' issue but fix for bug #496110 in admin_forums
 (changed names to utilise constants)

git-svn-id: file:///svn/phpbb/trunk@1681 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/admin/admin_disallow.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'phpBB/admin/admin_disallow.php')

diff --git a/phpBB/admin/admin_disallow.php b/phpBB/admin/admin_disallow.php
index 61da110417..e980e3feca 100644
--- a/phpBB/admin/admin_disallow.php
+++ b/phpBB/admin/admin_disallow.php
@@ -46,7 +46,7 @@ if( isset($HTTP_POST_VARS['add_name']) )
 	else
 	{
 		$sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username) 
-			VALUES('" . $disallowed_user . "')";
+			VALUES('" . str_replace("\'", "''", $disallowed_user) . "')";
 		$result = $db->sql_query( $sql );
 		if ( !$result )
 		{
-- 
cgit v1.2.1