From 17a1c70398a309f9dd3daad660e18ab90c1bab75 Mon Sep 17 00:00:00 2001
From: Alexander Ebert <ebert@woltlab.com>
Date: Thu, 22 Dec 2016 18:40:54 +0100
Subject: [PATCH] Username escaping is no longer required

---
 .../lib/system/message/quote/MessageQuoteManager.class.php   | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/wcfsetup/install/files/lib/system/message/quote/MessageQuoteManager.class.php b/wcfsetup/install/files/lib/system/message/quote/MessageQuoteManager.class.php
index d381f1592a..037426e990 100644
--- a/wcfsetup/install/files/lib/system/message/quote/MessageQuoteManager.class.php
+++ b/wcfsetup/install/files/lib/system/message/quote/MessageQuoteManager.class.php
@@ -423,15 +423,14 @@ class MessageQuoteManager extends SingletonFactory {
 	 * @return	string
 	 */
 	public function renderQuote(IMessage $message, $text, $renderAsString = true) {
-		$escapedUsername = str_replace(["\\", "'"], ["\\\\", "\'"], $message->getUsername());
 		$escapedLink = str_replace(["\\", "'"], ["\\\\", "\'"], $message->getLink());
 		
 		if ($renderAsString) {
-			return "[quote='".$escapedUsername."','".$escapedLink."']".$text."[/quote]";
+			return "[quote='".$message->getUsername()."','".$escapedLink."']".$text."[/quote]";
 		}
 		else {
 			return [
-				'username' => $escapedUsername,
+				'username' => $message->getUsername(),
 				'link' => $escapedLink,
 				'text' => $text
 			];
-- 
2.20.1