v1.0.13

Fixed post handling in /settings (name, bio)

app/app.php

@@ -1,6 +1,6 @@
 <?php
 define('G_APP_NAME', 'Chevereto Free');
-define('G_APP_VERSION', '1.0.12');
+define('G_APP_VERSION', '1.0.13');
 define('G_APP_GITHUB_OWNER', 'Chevereto');
 define('G_APP_GITHUB_REPO', 'Chevereto-Free');
 define('G_APP_GITHUB_REPO_URL', 'https://github.com/' . G_APP_GITHUB_OWNER . '/' . G_APP_GITHUB_REPO);

app/install/installer.php

@@ -244,6 +244,7 @@ try {
 		],
 		'1.0.11' => NULL,
 		'1.0.12' => NULL,
+		'1.0.13' => NULL,
 	];
 	// Settings that must be renamed from NAME to NEW NAME and DELETE old NAME
 	$settings_rename = [];

app/routes/route.settings.php

@@ -392,7 +392,10 @@ $route = function($handler) {
 
 						if(CHV\User::update($user['id'], $editing_array)) {
 							$user = array_merge($user, $editing_array);
-							$handler::updateVar('safe_post', ['name' => CHV\User::sanitizeUserName($_POST['name'])]);
+							// 'name' gets sanitized on User::update, this update safe_post to reflect the actual value
+							$handler::updateVar('safe_post', [
+								'name' => G\safe_html($user['name']),
+							]);
 						}
 
 						if(!$is_dashboard_user) {

app/themes/Peafowl/views/settings.php

@@ -384,7 +384,7 @@
 					</div>
 					<div class="input-label">
 						<label for="bio"><?php _se('Bio'); ?></label>
-						<textarea name="bio" id="bio" class="resize-vertical" placeholder="<?php _se('Tell us a little bit about you'); ?>" maxlength="255"><?php echo get_safe_post() ? get_safe_post()["bio"] : get_user()["bio"]; ?></textarea>
+						<textarea name="bio" id="bio" class="resize-vertical" placeholder="<?php _se('Tell us a little bit about you'); ?>" maxlength="255"><?php echo get_safe_post() ? get_safe_post()["bio"] : get_safe_html_user()["bio"]; ?></textarea>
 						<span class="input-warning red-warning"><?php echo get_input_errors()["bio"]; ?></span>
 					</div>
 				</div>