From c79ff788ea325dd0332107b07c58f5d0bfb3ebd4 Mon Sep 17 00:00:00 2001
From: Carsten Bach <mail@carsten-bach.de>
Date: Sun, 25 Aug 2024 23:14:21 +0200
Subject: [PATCH] Keep slashes in user-defined date- and time-format strings

---
 includes/core/classes/class-user.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/includes/core/classes/class-user.php b/includes/core/classes/class-user.php
index 75523ef27..45701817e 100644
--- a/includes/core/classes/class-user.php
+++ b/includes/core/classes/class-user.php
@@ -214,8 +214,8 @@ public function save_profile_fields( int $user_id ): void {
 		}
 
 		update_user_meta( $user_id, 'gatherpress_event_updates_opt_in', intval( filter_input( INPUT_POST, 'gatherpress_event_updates_opt_in' ) ) );
-		update_user_meta( $user_id, 'gatherpress_date_format', sanitize_text_field( filter_input( INPUT_POST, 'gatherpress_date_format' ) ) );
-		update_user_meta( $user_id, 'gatherpress_time_format', sanitize_text_field( filter_input( INPUT_POST, 'gatherpress_time_format' ) ) );
+		update_user_meta( $user_id, 'gatherpress_date_format', sanitize_text_field( filter_input( INPUT_POST, 'gatherpress_date_format', FILTER_SANITIZE_ADD_SLASHES ) ) );
+		update_user_meta( $user_id, 'gatherpress_time_format', sanitize_text_field( filter_input( INPUT_POST, 'gatherpress_time_format', FILTER_SANITIZE_ADD_SLASHES ) ) );
 		update_user_meta( $user_id, 'gatherpress_timezone', sanitize_text_field( filter_input( INPUT_POST, 'gatherpress_timezone' ) ) );
 	}
 }