From 1c5f7bfe9834e81a416e9f08ae07bcb8561132ab Mon Sep 17 00:00:00 2001
From: Tomasz Golinski <tomaszg@math.uwb.edu.pl>
Date: Thu, 6 Aug 2020 21:53:27 +0200
Subject: [PATCH] Escape username in CURL requests

---
 okapi.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/okapi.cpp b/okapi.cpp
index 29f3c29..dd2c61e 100644
--- a/okapi.cpp
+++ b/okapi.cpp
@@ -253,7 +253,9 @@ void Okapi::update_caches(Caches& cc) const {
 
 std::string Okapi::get_uuid(const std::string& username) const {
 	std::string service = url + OKAPI_username;
-	std::string query = "consumer_key=" + key + "&username=" + username + "&fields=uuid";
+	char* user_esc = curl_easy_escape(curl, username.c_str(), username.size()) ;
+	std::string query = "consumer_key=" + key + "&username=" + user_esc + "&fields=uuid";
+	curl_free(user_esc);
 	curl_post(service, query);
 	json j = json::parse(curl_output);
 	return j["uuid"];