aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/mcp/mcp_notes.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/mcp/mcp_notes.php')
-rwxr-xr-xphpBB/includes/mcp/mcp_notes.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php
index cc4ed0e72b..302ace9755 100755
--- a/phpBB/includes/mcp/mcp_notes.php
+++ b/phpBB/includes/mcp/mcp_notes.php
@@ -68,13 +68,13 @@ class mcp_notes
global $template, $db, $user, $auth;
$user_id = request_var('u', 0);
- $username = request_var('username', '');
+ $username = request_var('username', '', true);
$start = request_var('start', 0);
$st = request_var('st', 0);
$sk = request_var('sk', 'b');
$sd = request_var('sd', 'd');
- $sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'";
+ $sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$sql = 'SELECT *
FROM ' . USERS_TABLE . "
@@ -161,7 +161,7 @@ class mcp_notes
$limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
$sort_by_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_DATE'], 'c' => $user->lang['SORT_IP'], 'd' => $user->lang['SORT_ACTION']);
- $sort_by_sql = array('a' => 'l.username', 'b' => 'l.log_time', 'c' => 'l.log_ip', 'd' => 'l.log_operation');
+ $sort_by_sql = array('a' => 'u.username', 'b' => 'l.log_time', 'c' => 'l.log_ip', 'd' => 'l.log_operation');
$s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
gen_sort_selects($limit_days, $sort_by_text, $st, $sk, $sd, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
generated by cgit v1.2.1 (git 2.21.0) at 2026-04-09 07:28:54 +0000