From 7450c14836f0701ddf47079317c42c3b26423c28 Mon Sep 17 00:00:00 2001
From: Peter Goodhall <peter@magicbug.co.uk>
Date: Sat, 5 Oct 2019 19:28:20 +0100
Subject: [PATCH] XSS clean to run on username when logging in if XSS_clean in
 config.php isn't called

---
 application/controllers/User.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/controllers/User.php b/application/controllers/User.php
index 0956e018..090f4943 100644
--- a/application/controllers/User.php
+++ b/application/controllers/User.php
@@ -323,7 +323,7 @@ class User extends CI_Controller {
 
 	function login() {
 		$this->load->model('user_model');
-		$query = $this->user_model->get($this->input->post('user_name'));
+		$query = $this->user_model->get($this->input->post('user_name', true));
 
 		$this->load->library('form_validation');