diff options
Diffstat (limited to 'phpBB/includes/sessions.php')
| -rw-r--r-- | phpBB/includes/sessions.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/phpBB/includes/sessions.php b/phpBB/includes/sessions.php index a208da08a9..eced1c5956 100644 --- a/phpBB/includes/sessions.php +++ b/phpBB/includes/sessions.php @@ -133,8 +133,8 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $auto_crea OR ban_userid = $user_id"; if( $user_id != ANONYMOUS ) { - $sql .= " OR ban_email LIKE '" . $row['user_email'] . "' - OR ban_email LIKE '" . substr($row['user_email'], strpos($row['user_email'], "@")) . "'"; + $sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $row['user_email']) . "' + OR ban_email LIKE '" . substr(str_replace("\'", "''", $row['user_email']), strpos(str_replace("\'", "''", $row['user_email']), "@")) . "'"; } $result = $db->sql_query($sql); if( !$result ) |