From ab2f968477b268cffccef095c9f22a76aab09e4d Mon Sep 17 00:00:00 2001
From: Phil Davis
Date: Tue, 19 Apr 2016 17:40:13 +0545
Subject: Escape username before use in CP SQL

A maybe "better" version to try.

(cherry picked from commit 0a02fc5eefb265e0684d4447bf0a7c2a9687a188)
---
 src/etc/inc/captiveportal.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/etc/inc/captiveportal.inc')

diff --git a/src/etc/inc/captiveportal.inc b/src/etc/inc/captiveportal.inc
index 0bb4a8d..9e3d6e2 100644
--- a/src/etc/inc/captiveportal.inc
+++ b/src/etc/inc/captiveportal.inc
@@ -2086,7 +2086,7 @@ function portal_allow($clientip, $clientmac, $username, $password = null, $attri
 /* read in client database */
 $query = "WHERE ip = '{$clientip}'";
- $tmpusername = str_replace("'", "''", strtolower($username));
+ $tmpusername = SQLite3::escapeString(strtolower($username));
 if (isset($config['captiveportal'][$cpzone]['noconcurrentlogins'])) {
 $query .= " OR (username != 'unauthenticated' AND lower(username) = '{$tmpusername}')";
 }
-- 
cgit v1.1
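Review bot: The added `SQLite3::escapeString()` call still feeds an attacker-controlled username into string-built SQL on the `$query .=` line below it; escapeString only doubles single quotes and is not binary-safe (NUL bytes in the input are not handled), so this is only a marginal improvement over the `str_replace` it replaces. The durable fix is to stop interpolating and bind the lowercased username as a parameter (`SQLite3::prepare()` + `bindValue()`), which presumably means changing the database helper that later consumes `$query` — that helper, and the rest of `portal_allow`, lie outside this hunk, so I cannot see whether it accepts bound parameters. Note also that `$clientip` on the preceding context line is interpolated with no escaping at all; if it can ever come from anything other than the connection itself, it needs the same treatment. If the interpolation has to stay for now, a comment on the new line such as `// escapeString only quotes '; prefer a bound parameter once the DB helper supports it` would stop the next reader from assuming the value is fully sanitised.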