diff --git a/src/modules/core.js b/src/modules/core.js
index 69d483e..94dbab2 100644
--- a/src/modules/core.js
+++ b/src/modules/core.js
@@ -101,8 +101,14 @@
 			var user = AFCH.consts.user,
 				whitelist = new AFCH.Page( AFCH.consts.whitelistTitle );
 			whitelist.getText().done( function ( text ) {
+
+				// sanitizedUser is user, but escaped for use in the regex.
+				// Otherwise a user named ... would always be able to use
+				// the script, so long as there was a user whose name was
+				// three characters long on the list!
 				var $howToDisable,
-					userAllowed = ( new RegExp( '\\|\\s*' + user + '\\s*}' ) ).test( text );
+					sanitizedUser = user.replace( /[\-\[\]\/\{\}\(\)\*\+\?\.\\\^\$\|]/g, '\\$&' ),
+					userAllowed = ( new RegExp( '\\|\\s*' + sanitizedUser + '\\s*}' ) ).test( text );
 
 				if ( !userAllowed ) {
 
@@ -778,7 +784,7 @@
 						} );
 					}
 
-					appendText += ' ~~'+'~~'+'~\n';
+					appendText += ' ~~' + '~~' + '~\n';
 
 					logPage.edit( {
 						contents: appendText,
diff --git a/src/modules/submissions.js b/src/modules/submissions.js
index 6c551a2..35eca20 100644
--- a/src/modules/submissions.js
+++ b/src/modules/submissions.js
@@ -1093,7 +1093,7 @@
 			// $1 = article name
 			// $2 = article class or '' if not available
 			'accepted-submission': '== Your submission at [[Wikipedia:Articles for creation|Articles for creation]]: ' +
-				'[[$1]] has been accepted ==\n{{subst:Afc talk|$1|class=$2|sig=~~'+'~~}}',
+				'[[$1]] has been accepted ==\n{{subst:Afc talk|$1|class=$2|sig=~~' + '~~}}',
 
 			// $1 = full submission title
 			// $2 = short title
@@ -1110,9 +1110,9 @@
 			'comment-on-submission': '{{subst:AFC notification|comment|article=$1}}',
 
 			// $1 = article name
-			'g13-submission': '{{subst:Db-afc-notice|$1}} ~~'+'~~',
+			'g13-submission': '{{subst:Db-afc-notice|$1}} ~~' + '~~',
 
-			'teahouse-invite': '{{subst:Wikipedia:Teahouse/AFC invitation|sign=~~'+'~~}}'
+			'teahouse-invite': '{{subst:Wikipedia:Teahouse/AFC invitation|sign=~~' + '~~}}'
 		} );
 	}