Problem with player names containing special characters: quotation marks/apostrophe #610

Closed
borzaka opened this issue Sep 28, 2019 · 4 comments · Fixed by #612
@borzaka
Contributor

borzaka commented Sep 28, 2019

What are the steps to reproduce this issue?

  1. Have a user on the server with quotation mark (or apostrophe) in the name, for example:
    -KODIAK's LaiR- Mantaboy2
  2. Try to get playerinfo (View Profile), or Ban/Block/Kick from the right click menu at the WebPanel.

What happens?

An error shows that the player is not on the server anymore. And therefore you can't get playerinfo, can't ban/kick/etc that player.

Playerinfo: [screenshot]

Banning: [screenshot]

What were you expecting to happen?

To successfully get playerinfo, able to ban/kick and do everything that WebPanel supports with a player.

Any logs, error output, etc.?

Console log when I tried to get that player info:

hostname: HOSTNAME
version : 1.37.1.5/13715 983/7621 secure  [G:1:0000000] 
udp/ip  : x.x.x.x:27035  (public ip: x.x.x.x)
os      :  Linux
type    :  community dedicated
map     : de_dust2
gotv[0]:  port 27040, delay 105.0s, rate 32.0
players : 5 humans, 1 bots (10/0 max) (not hibernating)

# userid name uniqueid connected ping loss state rate adr
# 8 "GOTV" BOT active 32
# 64 2 "V4Lto♿" STEAM_1:1:000000000 00:27 25 0 active 786432 0.0.0.0:27005
# 63 3 "TaPsI.TT" STEAM_1:0:000000000 04:07 16 0 active 786432 0.0.0.0:58359
# 57 5 "neverz" STEAM_1:0:000000000 25:59 25 0 active 786432 0.0.0.0:27005
# 58 7 "-KODIAK's LaiR- Mantaboy2" STEAM_1:1:000000000 19:00 43 0 active 786432 0.0.0.0:27005
# 54 8 "fazék" STEAM_1:0:000000000 32:23 23 0 active 786432 0.0.0.0:27005
#end
L 09/28/2019 - 12:46:21: rcon from "x.x.x.x:43592": command "status"

Note: I hid any sensitive information.

Any other comments?

What versions of software are you using?

Operating System: Linux 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2 (2019-08-28) x86_64 GNU/Linux (Debian 10.1)
SourceBans++ Version: 1.7.0 | Git: 931
PHP Version: 7.3.4-2
MySQL Version: mariadb Ver 15.1 Distrib 10.3.17-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
Link to your project: Sorry, I don't want to post it here.
Link to a phpinfo() output: I don't want to post it here.

If you need the last two pieces of info, contact me on Discord.

@Groruk Groruk self-assigned this Sep 28, 2019
@CrazyHackGUT
Contributor

> I hid any sensitive information.

You forgot about the Steam Server ID. With the Steam Server ID, any user can retrieve the server IP through the Steam Web API.

@borzaka
Contributor Author

borzaka commented Sep 28, 2019

Thank you, I didn't know that was a Steam Server ID.

Groruk added a commit to Groruk/sourcebans-pp that referenced this issue Oct 1, 2019
Currently all $_GET and $_POST data gets filtered with FILTER_SANITIZE_STRING. To combat this in player name checks, we now filter both names before comparing them. (Should fix sbpp#610)
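
The mismatch the commit message describes, as an added example that is not part of the commit or of SourceBans++: the filtered request value carries `&#39;` where the name from `status` has a literal apostrophe, so a strict comparison fails until both sides go through the same filter. All function names are hypothetical, the status text is a constructed sample modelled on the log in the report, and only the apostrophe case is covered, not the names reported later in the thread.

```php
<?php
// Added illustration, not SourceBans++ code; all function names are hypothetical.
// FILTER_SANITIZE_STRING HTML-encodes ' and " and is deprecated since PHP 8.1
// (the report above is from PHP 7.3).

// Constructed sample, modelled on the `status` output in the report.
$statusSample = <<<'TXT'
# userid name uniqueid connected ping loss state rate adr
# 8 "GOTV" BOT active 32
# 57 5 "neverz" STEAM_1:0:000000000 25:59 25 0 active 786432 0.0.0.0:27005
# 58 7 "-KODIAK's LaiR- Mantaboy2" STEAM_1:1:000000000 19:00 43 0 active 786432 0.0.0.0:27005
#end
TXT;

// Pull the quoted name out of each player row. The greedy (.*) runs to the
// last quote before the uniqueid, so quotes inside a name are kept.
function playerNames(string $status): array
{
    preg_match_all('/^#\s*\d+(?:\s+\d+)?\s+"(.*)"\s+(?:STEAM_|BOT\b)/m', $status, $m);
    return $m[1];
}

function sanitizeName(string $name): string
{
    return (string) filter_var($name, FILTER_SANITIZE_STRING);
}

// Before: filtered request value compared with the raw server-side name.
function isOnServerBefore(string $requested, array $names): bool
{
    return in_array($requested, $names, true);
}

// After: both sides pass through the same filter before comparison.
function isOnServerAfter(string $requested, array $names): bool
{
    return in_array(sanitizeName($requested), array_map('sanitizeName', $names), true);
}

$names = playerNames($statusSample);
// Stand-in for a $_POST value that has already been through the global filter.
$requested = sanitizeName("-KODIAK's LaiR- Mantaboy2");

var_dump($requested);
var_dump(isOnServerBefore($requested, $names));
var_dump(isOnServerAfter($requested, $names));
```
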
@borzaka
Contributor Author

borzaka commented Oct 28, 2019

Unfortunately this is still an issue. I can give you a name example which behaves exactly the same as in the opening comment:
/Dominik\®|cs.money

Yes, I have updated my Web Panel files with the fixing PR.

@borzaka
Contributor Author

borzaka commented May 11, 2020

Another example:
kortemonsta#1514

Web panel says that player is not on the server any more, but he is.

@Hackmastr Hackmastr added this to 1.7.0 Jun 2, 2024
@Hackmastr Hackmastr moved this to Done in 1.7.0 Jun 2, 2024