Group name does't need to be sanitized before storing it in the database

It should only be sanitized before display
author: Bart Visscher <bartv@thisnet.nl> 2012-11-27 20:22:45 +0100
committer: Bart Visscher <bartv@thisnet.nl> 2012-11-27 20:22:45 +0100
commit: 80d1037e427c31c165abead3696668bac8110413 (patch)
tree: 6ecb9b0e6a09bf3e2488c75ad2f9cc46185a54d8 /settings/ajax/togglegroups.php
parent: 71e8755d318eb9a415b15f5775506ecf8a8d134f (diff)
download: nextcloud-server-80d1037e427c31c165abead3696668bac8110413.tar.gz
nextcloud-server-80d1037e427c31c165abead3696668bac8110413.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php
index de941f99132..b7746fed8f1 100644
--- a/settings/ajax/togglegroups.php
+++ b/settings/ajax/togglegroups.php
@@ -5,7 +5,7 @@ OCP\JSON::callCheck();
 
 $success = true;
 $username = $_POST["username"];
-$group = OC_Util::sanitizeHTML($_POST["group"]);
+$group = $_POST["group"];
 
 if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) {
 	$l = OC_L10N::get('core');
author	Bart Visscher <bartv@thisnet.nl>	2012-11-27 20:22:45 +0100
committer	Bart Visscher <bartv@thisnet.nl>	2012-11-27 20:22:45 +0100
commit	80d1037e427c31c165abead3696668bac8110413 (patch)
tree	6ecb9b0e6a09bf3e2488c75ad2f9cc46185a54d8 /settings/ajax/togglegroups.php
parent	71e8755d318eb9a415b15f5775506ecf8a8d134f (diff)
download	nextcloud-server-80d1037e427c31c165abead3696668bac8110413.tar.gz nextcloud-server-80d1037e427c31c165abead3696668bac8110413.zip