I am getting Database errors with certian hacks when a member has a ' in their name. I know the ' is used in SQL syntax so I am sure that is causing some conflict. Does anyone know what I can add to my php files for the hack in question to eliminate this problem? I think its like addslashes or something but I am not sure.

$result = $DB_site->query("SELECT user FROM shoutbox_ban WHERE user='".$bbuserinfo['username']."'");

That is the line in question.

Change $bbuserinfo['username'] to addslashes($bbuserinfo['username']).

Thank you.

That's also pretty badly coded...it should check by userid, not username, for security and speed reasons.

Yeah, I am using the shoutbox made by a french programmer, not that he programs bad because he is french. I just liked the format of it because it just uses another table kind of like users online. The other one was nice, but I didn't need all those features.