44a45
>                 $esc_username = addslashes($username); //BC: escape the username
47c48
<                 if (Application_Model_Subjects::getLoginAttempts($username) >= 3 && $form->getElement('captcha') == NULL) {
---
>                 if (Application_Model_Subjects::getLoginAttempts($esc_username) >= 3 && $form->getElement('captcha') == NULL) { //BC: use esc_username
67c68
<                         Application_Model_Subjects::resetLoginAttempts($username);
---
>                         Application_Model_Subjects::resetLoginAttempts($esc_username); //BC: use esc_username
78c79
<                         Application_Model_Subjects::increaseLoginAttempts($username);
---
>                         Application_Model_Subjects::increaseLoginAttempts($esc_username); //BC: use esc_username