diff options
Diffstat (limited to '')
| -rw-r--r-- | include/functions_comment.inc.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/functions_comment.inc.php b/include/functions_comment.inc.php index e7fbec7b7..aff7b9a35 100644 --- a/include/functions_comment.inc.php +++ b/include/functions_comment.inc.php @@ -99,7 +99,7 @@ function insert_user_comment( &$comm, $key, &$infos ) $query = ' SELECT COUNT(*) AS user_exists FROM '.USERS_TABLE.' - WHERE '.$conf['user_fields']['username']." = '".$comm['author']."'"; + WHERE '.$conf['user_fields']['username']." = '".addslashes($comm['author'])."'"; $row = mysql_fetch_assoc( pwg_query( $query ) ); if ( $row['user_exists'] == 1 ) { |