From 21846c760d32210f27a695e735e417ea195dffdb Mon Sep 17 00:00:00 2001
From: FusionPBX
Date: Thu, 8 May 2025 09:07:06 -0600
Subject: [PATCH] Sanitize the domain setting category
---
 core/domain_settings/domain_setting_edit.php | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/core/domain_settings/domain_setting_edit.php b/core/domain_settings/domain_setting_edit.php
index 2d492b1b30..8395001f5d 100644
--- a/core/domain_settings/domain_setting_edit.php
+++ b/core/domain_settings/domain_setting_edit.php
@@ -88,6 +88,11 @@
 $domain_setting_description = $_POST["domain_setting_description"];
 }
+//sanitize the variables
+ if (!empty($domain_setting_category)) {
+ $domain_setting_category = preg_replace('#[^a-zA-Z0-9_\-\. ]#', '', $domain_setting_category);
+ }
+
 //process the data
 if (!empty($_POST) && empty($_POST["persistformvar"])) {
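Review bot: The allowlist filter covers only `$domain_setting_category`, while the context line just above it still assigns `$domain_setting_description` straight from `$_POST`, and the other fields read in that block (outside this hunk) presumably do the same. If the aim is to keep markup or control characters in stored settings from reaching a page, the sibling fields need an equivalent allowlist or, more durably, escaping where they are rendered; that code is not visible here, so confirm it. `preg_replace()` also accepts an array subject and returns an array, so a non-string POST value keeps its type after the filter; `$domain_setting_category = is_string($domain_setting_category) ? preg_replace('#[^a-zA-Z0-9_\-\. ]#', '', $domain_setting_category) : '';` pins it to a string. The filter strips silently, so a value made only of rejected characters becomes an empty category, and whether the save path inside the `if (!empty($_POST) ...)` block rejects that is outside the hunk.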