- fixed username display

Author: Marius Burkard

interface/web/sites/database_user_edit.php

@@ -152,7 +152,7 @@ function onBeforeUpdate() {
 		//* Database username shall not be empty
 		if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'<br />';
 
-		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', $dbuser_prefix . $this->dataRecord['database_user'], $app->tform->wordbook["database_user_error_len"]).'<br />';
+		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', htmlentities($dbuser_prefix . $this->dataRecord['database_user'], ENT_QUOTES, 'UTF-8'), $app->tform->wordbook["database_user_error_len"]).'<br />';
 
 		//* Check database user against blacklist
 		$dbuser_blacklist = array($conf['db_user'], 'mysql', 'root');
@@ -190,7 +190,7 @@ function onBeforeInsert() {
 
 		$this->dataRecord['database_user_prefix'] = $dbuser_prefix;
 
-		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', $dbuser_prefix . $this->dataRecord['database_user'], $app->tform->wordbook["database_user_error_len"]).'<br />';
+		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', htmlentities($dbuser_prefix . $this->dataRecord['database_user'], ENT_QUOTES, 'UTF-8'), $app->tform->wordbook["database_user_error_len"]).'<br />';
 
 		//* Check database user against blacklist
 		$dbuser_blacklist = array($conf['db_user'], 'mysql', 'root');