From 9a2888c95969329c160671483a20a6452a90c0bf Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
Date: Tue, 17 Jan 2017 07:51:20 +0100
Subject: [PATCH] escape username in show

---
 .../saimod_mojotrollz_server_tbc.php                             | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mojotrollz/sai/saimod_mojotrollz_server_tbc/saimod_mojotrollz_server_tbc.php b/mojotrollz/sai/saimod_mojotrollz_server_tbc/saimod_mojotrollz_server_tbc.php
index 64afdc1..0705401 100644
--- a/mojotrollz/sai/saimod_mojotrollz_server_tbc/saimod_mojotrollz_server_tbc.php
+++ b/mojotrollz/sai/saimod_mojotrollz_server_tbc/saimod_mojotrollz_server_tbc.php
@@ -48,6 +48,7 @@ class saimod_mojotrollz_server_tbc extends \SYSTEM\SAI\SaiModule {
     }
     public static function sai_mod__SAI_saimod_mojotrollz_server_tbc_action_account_show($id){
         $vars = \SQL\TBC_ACCOUNT::Q1(array($id));
+        $vars['username'] = \htmlspecialchars($vars['username']);
         $vars['entries'] = $vars['entries_test'] = '';
         $res = \SQL\TBC_ACCOUNT_CHARACTERS::QQ(array($id));
         while($r = $res->next()){