- adjust unread query a bit to cope with large topics (thanks bart!)

- fixing some bugs
- more username_clean work


git-svn-id: file:///svn/phpbb/trunk@6513 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/mcp/mcp_notes.php

@@ -68,13 +68,13 @@ class mcp_notes
 		global $template, $db, $user, $auth;
 
 		$user_id = request_var('u', 0);
-		$username = request_var('username', '');
+		$username = request_var('username', '', true);
 		$start = request_var('start', 0);
 		$st	= request_var('st', 0);
 		$sk	= request_var('sk', 'b');
 		$sd	= request_var('sd', 'd');
 
-		$sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'";
+		$sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 
 		$sql = 'SELECT *
 			FROM ' . USERS_TABLE . "

phpBB/includes/mcp/mcp_post.php

@@ -59,8 +59,8 @@ function mcp_post_details($id, $mode, $action)
 
 			if ($action == 'chgposter')
 			{
-				$username = request_var('username', '');
-				$sql_where = "username = '" . $db->sql_escape($username) . "'";
+				$username = request_var('username', '', true);
+				$sql_where = "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 			}
 			else
 			{

phpBB/includes/mcp/mcp_warn.php

@@ -310,11 +310,11 @@ function mcp_warn_user_view($id, $mode, $action)
 	global $template, $db, $user, $auth;
 
 	$user_id = request_var('u', 0);
-	$username = request_var('username', '');
+	$username = request_var('username', '', true);
 	$notify = (isset($_REQUEST['notify_user'])) ? true : false;
 	$warning = request_var('warning', '', true);
 
-	$sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'";
+	$sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 
 	$sql = 'SELECT *
 		FROM ' . USERS_TABLE . '