From 6ec9f612261d57e7bb493045a5e2d62f7f36f3fe Mon Sep 17 00:00:00 2001
From: Ralf Becker
Date: Sun, 16 Sep 2007 06:51:13 +0000
Subject: [PATCH] fixed problems pointed out by enricomilanese-AT-gmail.com
---
 admin/inc/class.uicategories.inc.php | 2 ++
 preferences/inc/class.uicategories.inc.php | 2 ++
 2 files changed, 4 insertions(+)
diff --git a/admin/inc/class.uicategories.inc.php b/admin/inc/class.uicategories.inc.php
index 5b5d5da501..bf90166ed8 100644
--- a/admin/inc/class.uicategories.inc.php
+++ b/admin/inc/class.uicategories.inc.php
@@ -314,6 +314,8 @@ function edit() {
+ if (!preg_match('/^(#[0-9a-f]+|[a-z]+)?$/i',$_POST['cat_data']['color'])) unset($_POST['cat_data']['color']);
+ if (!preg_match('/^[-_\.a-z0-9]+\.(png|gif|jpe?g)$/i',$_POST['cat_data']['icon'])) unset($_POST['cat_data']['icon']);
 $new_parent = (int)$_POST['new_parent'];
 $cat_parent = (int)$_POST['cat_parent'];
 $cat_name = $_POST['cat_name'];
diff --git a/preferences/inc/class.uicategories.inc.php b/preferences/inc/class.uicategories.inc.php
index 9151e00689..7643e54696 100644
--- a/preferences/inc/class.uicategories.inc.php
+++ b/preferences/inc/class.uicategories.inc.php
@@ -331,6 +331,8 @@
 'cats_level' => $cats_level,
 'cat_id' => $cat_id
 );
+ if (!preg_match('/^(#[0-9a-f]+|[a-z]+)?$/i',$_POST['cat_data']['color'])) unset($_POST['cat_data']['color']);
+ if (!preg_match('/^[-_\.a-z0-9]+\.(png|gif|jpe?g)$/i',$_POST['cat_data']['icon'])) unset($_POST['cat_data']['icon']);
 $new_parent = $_POST['new_parent'];
 $cat_parent = $_POST['cat_parent'];
 $cat_name = $_POST['cat_name'];
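Review bot: The `$` anchor in both new preg_match patterns matches before a trailing newline, so a posted color such as "red\n" or an icon name ending in ".png\n" passes the check and is kept with the newline intact; end the patterns with `\z` (or add the `D` modifier), e.g. `'/^(#[0-9a-f]+|[a-z]+)?\z/i'` and `'/^[-_\.a-z0-9]+\.(png|gif|jpe?g)\z/i'`. The same two lines are repeated in the preferences/inc/class.uicategories.inc.php hunk and need the same change. A value submitted as an array (cat_data[color][]=x) makes preg_match reject the subject rather than match it (a warning on older PHP, a TypeError on PHP 8), so an explicit `is_string()` guard in front of each check would make the intent clear instead of relying on that failure path. The `#` form also accepts any number of hex digits; if the value is only ever used as a CSS color, `#[0-9a-f]{3}` / `#[0-9a-f]{6}` would be tighter. edit() begins before the hunk and continues after it.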