From 3002ed9e93ea39b7c341b0b3a24f0d4f654ef062 Mon Sep 17 00:00:00 2001
From: Igor Scheller <igor.scheller@igorshp.de>
Date: Tue, 29 Aug 2017 22:22:53 +0200
Subject: Security: Only allow angels with admin_news_html privilege to use
 HTML

---
 includes/pages/admin_user.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'includes/pages/admin_user.php')

diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index aea68f52..ca814b2e 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -272,7 +272,7 @@ function admin_user()
                       WHERE `UID` = ?
                       LIMIT 1';
                 DB::update($sql, [
-                    $request->postData('eNick'),
+                    User_validate_Nick($request->postData('eNick')),
                     $request->postData('eName'),
                     $request->postData('eVorname'),
                     $request->postData('eTelefon'),
-- 
cgit v1.2.3-54-g00ecf