X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=mod%2Fgroup.php;h=51fa2493e4ae2d6cf07a1049c1dede1ab193ca80;hb=0dc06d66a0f4bc68529fe693b919d0a72ea57a28;hp=8b2ce9ca12eb829e9efcc19abf08bbc612934c1c;hpb=8821d33f73785884cfce83e7b23d3ef19cc1bc11;p=friendica.git

diff --git a/mod/group.php b/mod/group.php
index 8b2ce9ca12..51fa2493e4 100644
--- a/mod/group.php
+++ b/mod/group.php
@@ -16,6 +16,7 @@ use Friendica\Database\DBA;
 use Friendica\Model;
 use Friendica\Module;
 use Friendica\Util\Security;
+use Friendica\Util\Strings;
 
 function group_init(App $a) {
 	if (local_user()) {
@@ -33,7 +34,7 @@ function group_post(App $a) {
 	if (($a->argc == 2) && ($a->argv[1] === 'new')) {
 		BaseModule::checkFormSecurityTokenRedirectOnError('/group/new', 'group_edit');
 
-		$name = notags(trim($_POST['groupname']));
+		$name = Strings::escapeTags(trim($_POST['groupname']));
 		$r = Model\Group::create(local_user(), $name);
 		if ($r) {
 			info(L10n::t('Group created.') . EOL);
@@ -61,7 +62,7 @@ function group_post(App $a) {
 			return; // NOTREACHED
 		}
 		$group = $r[0];
-		$groupname = notags(trim($_POST['groupname']));
+		$groupname = Strings::escapeTags(trim($_POST['groupname']));
 		if (strlen($groupname) && ($groupname != $group['name'])) {
 			$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d",
 				DBA::escape($groupname),