diff options
Diffstat (limited to 'src/etc')
| -rw-r--r-- | src/etc/inc/captiveportal.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/etc/inc/captiveportal.inc b/src/etc/inc/captiveportal.inc index 0bb4a8d..9e3d6e2 100644 --- a/src/etc/inc/captiveportal.inc +++ b/src/etc/inc/captiveportal.inc @@ -2086,7 +2086,7 @@ function portal_allow($clientip, $clientmac, $username, $password = null, $attri /* read in client database */ $query = "WHERE ip = '{$clientip}'"; - $tmpusername = str_replace("'", "''", strtolower($username)); + $tmpusername = SQLite3::escapeString(strtolower($username)); if (isset($config['captiveportal'][$cpzone]['noconcurrentlogins'])) { $query .= " OR (username != 'unauthenticated' AND lower(username) = '{$tmpusername}')"; } |
