X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsettings.php;h=080bcdeb93848a7cc086c60798583752a3b17be3;hb=b5d2d32b443f7aa8ec6e0e91f36da3cc0a0f2a82;hp=d3fbd81db83d44efde74569e2453e748ec740eef;hpb=63da4a75e9da71a2decebd81b62554457dbd1fb5;p=friendica.git

diff --git a/mod/settings.php b/mod/settings.php
index d3fbd81db8..080bcdeb93 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -37,7 +37,6 @@ use Friendica\Model\User;
 use Friendica\Module\BaseSettings;
 use Friendica\Module\Security\Login;
 use Friendica\Protocol\Email;
-use Friendica\Util\Strings;
 use Friendica\Util\Temporal;
 use Friendica\Worker\Delivery;
 
@@ -216,14 +215,14 @@ function settings_post(App $a)
 		}
 	}
 
-	$username         = (!empty($_POST['username'])   ? Strings::escapeTags(trim($_POST['username']))     : '');
-	$email            = (!empty($_POST['email'])      ? Strings::escapeTags(trim($_POST['email']))        : '');
-	$timezone         = (!empty($_POST['timezone'])   ? Strings::escapeTags(trim($_POST['timezone']))     : '');
-	$language         = (!empty($_POST['language'])   ? Strings::escapeTags(trim($_POST['language']))     : '');
+	$username         = (!empty($_POST['username'])        ? trim($_POST['username'])          : '');
+	$email            = (!empty($_POST['email'])           ? trim($_POST['email'])             : '');
+	$timezone         = (!empty($_POST['timezone'])        ? trim($_POST['timezone'])          : '');
+	$language         = (!empty($_POST['language'])        ? trim($_POST['language'])          : '');
 
-	$defloc           = (!empty($_POST['defloc'])     ? Strings::escapeTags(trim($_POST['defloc']))       : '');
-	$maxreq           = (!empty($_POST['maxreq'])     ? intval($_POST['maxreq'])             : 0);
-	$expire           = (!empty($_POST['expire'])     ? intval($_POST['expire'])             : 0);
+	$defloc           = (!empty($_POST['defloc'])          ? trim($_POST['defloc'])            : '');
+	$maxreq           = (!empty($_POST['maxreq'])          ? intval($_POST['maxreq'])          : 0);
+	$expire           = (!empty($_POST['expire'])          ? intval($_POST['expire'])          : 0);
 	$def_gid          = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
 
 
@@ -309,7 +308,9 @@ function settings_post(App $a)
 
 	if ($email != $user['email']) {
 		//  check for the correct password
-		if (!User::authenticate(intval(local_user()), $_POST['mpassword'])) {
+		try {
+			User::getIdFromPasswordAuthentication(local_user(), $_POST['mpassword']);
+		} catch (Exception $ex) {
 			$err .= DI::l10n()->t('Wrong Password.');
 			$email = $user['email'];
 		}