- $username = ((x($_POST, 'username')) ? notags(trim($_POST['username'])) : '');
- $email = ((x($_POST, 'email')) ? notags(trim($_POST['email'])) : '');
- $timezone = ((x($_POST, 'timezone')) ? notags(trim($_POST['timezone'])) : '');
- $language = ((x($_POST, 'language')) ? notags(trim($_POST['language'])) : '');
-
- $defloc = ((x($_POST, 'defloc')) ? notags(trim($_POST['defloc'])) : '');
- $openid = ((x($_POST, 'openid_url')) ? notags(trim($_POST['openid_url'])) : '');
- $maxreq = ((x($_POST, 'maxreq')) ? intval($_POST['maxreq']) : 0);
- $expire = ((x($_POST, 'expire')) ? intval($_POST['expire']) : 0);
- $def_gid = ((x($_POST, 'group-selection')) ? intval($_POST['group-selection']) : 0);
-
-
- $expire_items = ((x($_POST, 'expire_items')) ? intval($_POST['expire_items']) : 0);
- $expire_notes = ((x($_POST, 'expire_notes')) ? intval($_POST['expire_notes']) : 0);
- $expire_starred = ((x($_POST, 'expire_starred')) ? intval($_POST['expire_starred']) : 0);
- $expire_photos = ((x($_POST, 'expire_photos'))? intval($_POST['expire_photos']) : 0);
- $expire_network_only = ((x($_POST, 'expire_network_only'))? intval($_POST['expire_network_only']) : 0);
-
- $allow_location = (((x($_POST, 'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
- $publish = (((x($_POST, 'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
- $net_publish = (((x($_POST, 'profile_in_netdirectory')) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0);
- $old_visibility = (((x($_POST, 'visibility')) && (intval($_POST['visibility']) == 1)) ? 1 : 0);
- $account_type = (((x($_POST, 'account-type')) && (intval($_POST['account-type']))) ? intval($_POST['account-type']) : 0);
- $page_flags = (((x($_POST, 'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0);
- $blockwall = (((x($_POST, 'blockwall')) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted!
- $blocktags = (((x($_POST, 'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted!
- $unkmail = (((x($_POST, 'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0);
- $cntunkmail = ((x($_POST, 'cntunkmail')) ? intval($_POST['cntunkmail']) : 0);
- $suggestme = ((x($_POST, 'suggestme')) ? intval($_POST['suggestme']) : 0);
+ $username = (!empty($_POST['username']) ? Strings::escapeTags(trim($_POST['username'])) : '');
+ $email = (!empty($_POST['email']) ? Strings::escapeTags(trim($_POST['email'])) : '');
+ $timezone = (!empty($_POST['timezone']) ? Strings::escapeTags(trim($_POST['timezone'])) : '');
+ $language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
+
+ $defloc = (!empty($_POST['defloc']) ? Strings::escapeTags(trim($_POST['defloc'])) : '');
+ $openid = (!empty($_POST['openid_url']) ? Strings::escapeTags(trim($_POST['openid_url'])) : '');
+ $maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
+ $expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
+ $def_gid = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
+
+
+ $expire_items = (!empty($_POST['expire_items']) ? intval($_POST['expire_items']) : 0);
+ $expire_notes = (!empty($_POST['expire_notes']) ? intval($_POST['expire_notes']) : 0);
+ $expire_starred = (!empty($_POST['expire_starred']) ? intval($_POST['expire_starred']) : 0);
+ $expire_photos = (!empty($_POST['expire_photos'])? intval($_POST['expire_photos']) : 0);
+ $expire_network_only = (!empty($_POST['expire_network_only'])? intval($_POST['expire_network_only']) : 0);
+
+ $allow_location = ((!empty($_POST['allow_location']) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
+ $publish = ((!empty($_POST['profile_in_directory']) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
+ $net_publish = ((!empty($_POST['profile_in_netdirectory']) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0);
+ $old_visibility = ((!empty($_POST['visibility']) && (intval($_POST['visibility']) == 1)) ? 1 : 0);
+ $account_type = ((!empty($_POST['account-type']) && (intval($_POST['account-type']))) ? intval($_POST['account-type']) : 0);
+ $page_flags = ((!empty($_POST['page-flags']) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0);
+ $blockwall = ((!empty($_POST['blockwall']) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted!
+ $blocktags = ((!empty($_POST['blocktags']) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted!
+ $unkmail = ((!empty($_POST['unkmail']) && (intval($_POST['unkmail']) == 1)) ? 1: 0);
+ $cntunkmail = (!empty($_POST['cntunkmail']) ? intval($_POST['cntunkmail']) : 0);
+ $suggestme = (!empty($_POST['suggestme']) ? intval($_POST['suggestme']) : 0);