Quotes not properly escaped
Brought to you by: focus-sis
Quotes in the user module are not properly escaped. For example, if a student is input into the database with a ' for the last name, upon display things are messed up. This needs to be checked, as all values taken from the user and put into the database should be escaped.
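The failure described in this ticket and its usual fix, as an added example that is not code from the project: a last name containing `'` breaks a string-built INSERT, a bound parameter stores it unchanged, and the value is HTML-escaped on display. The in-memory SQLite database, the `students` table, the `last_name` column and all function names are assumptions made for illustration.

```python
import html
import sqlite3


def make_db():
    # Hypothetical schema standing in for the student table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE students (id INTEGER PRIMARY KEY, last_name TEXT)")
    return db


def insert_concatenated(db, last_name):
    # Before: the value is pasted into the SQL text, so a ' in the name
    # closes the string literal early and the statement no longer parses.
    db.execute("INSERT INTO students (last_name) VALUES ('" + last_name + "')")


def insert_parameterized(db, last_name):
    # After: the driver binds the value separately from the SQL text,
    # so no manual quote escaping is needed on the way in.
    db.execute("INSERT INTO students (last_name) VALUES (?)", (last_name,))


def render_field(last_name):
    # Display side: escape for the HTML context. quote=True also encodes
    # ' and ", which matters inside a quoted attribute value.
    return "<input name='last_name' value='" + html.escape(last_name, quote=True) + "'>"


def demo():
    name = "O'Brien"  # constructed sample input
    db = make_db()
    try:
        insert_concatenated(db, name)
        concatenated_ok = True
    except sqlite3.Error:
        concatenated_ok = False  # syntax error caused by the stray quote
    insert_parameterized(db, name)
    stored = db.execute("SELECT last_name FROM students").fetchone()[0]
    return concatenated_ok, stored, render_field(stored)


if __name__ == "__main__":
    print(demo())
```

Storing the raw value and escaping it per output context keeps the database copy identical to what the user typed.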