Index: functions-formatting.php
===================================================================
--- functions-formatting.php	(revision 3397)
+++ functions-formatting.php	(working copy)
@@ -266,7 +266,7 @@
 }
 
 function sanitize_user( $username ) {
-	return preg_replace('|a-z0-9 _.-|i', '', $username);
+	return addslashes(preg_replace('|a-z0-9 _.-|i', '', $username));
 }
 
 function sanitize_title($title, $fallback_title = '') {