diff options
Diffstat (limited to 'phpBB/groupcp.php')
| -rw-r--r-- | phpBB/groupcp.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/groupcp.php b/phpBB/groupcp.php index 0789834749..4e9b41fea2 100644 --- a/phpBB/groupcp.php +++ b/phpBB/groupcp.php @@ -316,7 +316,7 @@ else if( $group_id ) $sql = "SELECT user_id, user_email FROM " . USERS_TABLE . " - WHERE username = '$username'"; + WHERE username = '" . str_replace("\'", "''", $username) . "'"; if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Could not get user information", $lang['Error'], __LINE__, __FILE__, $sql); |