escape the loginname value

michield · michield · commit 74e574cc3259 · 2020-07-03T15:30:06.000+01:00
Signed-off-by: Michiel Dethmers &lt;git@phplist.com&gt;
diff --git a/public_html/lists/admin/importadmin.php b/public_html/lists/admin/importadmin.php
@@ -213,15 +213,15 @@
             privileges  = "%s"
             where id = %d',
                             $tables['admin'], sql_escape($email), sql_escape($loginname),
-                            normalize($loginname), adminName($_SESSION['logindetails']['id']),
+                            sql_escape(normalize($loginname)), adminName($_SESSION['logindetails']['id']),
                             encryptPass($data['password']), sql_escape(serialize($privs)), $adminid);
                         $result = Sql_query($query);
                     } else {
                         $query = sprintf('INSERT INTO %s
             (email,loginname,namelc,created,modifiedby,passwordchanged,password,superuser,disabled,privileges)
             values("%s","%s","%s",now(),"%s",now(),"%s",0,0,"%s")',
                             $tables['admin'], sql_escape($email), sql_escape($loginname),
-                            normalize($loginname), adminName($_SESSION['logindetails']['id']),
+                            sql_escape(normalize($loginname)), adminName($_SESSION['logindetails']['id']),
                             encryptPass($data['password']), sql_escape(serialize($privs)));
                         $result = Sql_query($query);
                         $adminid = Sql_insert_id();
