Improved input handling

BOINC · Oct 11, 2024 · 47cf87f · 47cf87f
1 parent dca4153
commit 47cf87f
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/html/user/edit_user_info_action.php b/html/user/edit_user_info_action.php
@@ -26,7 +26,7 @@
 $user = get_logged_in_user();
 check_tokens($user->authenticator);
 
-$name = trim(post_str("user_name"));
+$name = filter_input(INPUT_POST, 'user_name', FILTER_SANITIZE_SPECIAL_CHARS);
 if ($name != sanitize_tags($name)) {
     error_page(tra("HTML tags are not allowed in your name."));
 }