From ffddd3c6b8d9bd98a275a4871cb7fbb40e95a164 Mon Sep 17 00:00:00 2001
From: Sarjuuk
Date: Sun, 12 Feb 2017 03:56:38 +0100
Subject: [PATCH] User/Weightscales * saving now always updates the name * name is now urldecoded
---
 includes/ajaxHandler/account.class.php | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/includes/ajaxHandler/account.class.php b/includes/ajaxHandler/account.class.php
index a71c20b9..8f14b614 100644
--- a/includes/ajaxHandler/account.class.php
+++ b/includes/ajaxHandler/account.class.php
@@ -11,7 +11,7 @@ class AjaxAccount extends AjaxHandler
 'save' => [FILTER_SANITIZE_NUMBER_INT, null],
 'delete' => [FILTER_SANITIZE_NUMBER_INT, null],
 'id' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkInt']],
- 'name' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW],
+ 'name' => [FILTER_CALLBACK, ['options' => 'AjaxAccount::checkName']],
 'scale' => [FILTER_CALLBACK, ['options' => 'AjaxAccount::checkScale']],
 );
 protected $_get = array(
@@ -56,6 +56,8 @@ class AjaxAccount extends AjaxHandler
 {
 if (!DB::Aowow()->selectCell('SELECT 1 FROM ?_account_weightscales WHERE userId = ?d AND id = ?d', User::$id, $id))
 return 0;
+
+ DB::Aowow()->query('UPDATE ?_account_weightscales SET `name` = ? WHERE id = ?d', $this->_post['name'], $id);
 }
 else
 {
@@ -92,4 +94,11 @@ class AjaxAccount extends AjaxHandler
 return null;
 }
+
+ protected function checkName($val)
+ {
+ $var = trim(urldecode($val));
+
+ return filter_var($var, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
+ }
 }
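Review bot: The new 'name' entry in `$_post` references `AjaxAccount::checkName` as a static-style callback string, but the last hunk declares it as `protected function checkName($val)` without `static`. The callback then only resolves if the filter runs with an AjaxAccount instance in the calling scope, and PHP 8 raises an Error for a non-static method called statically. Since the method does not use `$this`, I would declare it `protected static function checkName($val)`. How `checkScale` and `AjaxHandler::checkInt` are declared is not visible here, so the same may apply to them; the `$_post` array starts and ends outside the hunk.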
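Review bot: The added UPDATE is keyed on `id` alone and depends entirely on the ownership `selectCell` just above it. I would add `AND userId = ?d` to the WHERE clause and pass `User::$id` before `$id`, so the write stays scoped to the owner even if that guard is later moved or changed. The statement also writes `$this->_post['name']` unconditionally, and that value is presumably null when the request has no `name` and false when the filter fails, which would overwrite a stored name with an empty value. Whether an earlier line already rejects that case cannot be seen, because the enclosing method starts and ends outside the hunk.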
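Review bot: `checkName` has no docblock, and the property a maintainer must not break is the order of operations: the value is url-decoded first and sanitized afterwards, so an encoded sample such as `%3Cb%3E` is decoded before tags are stripped. I would add a comment like `// decode before sanitizing; reversing the order would let encoded markup through`. PHP has already decoded `$_POST` once, so this second `urldecode` turns a literal `+` in a name into a space and assumes the client encodes the name itself, which is not visible here. `FILTER_SANITIZE_STRING` is deprecated since PHP 8.1, so escaping the name with `htmlspecialchars` where it is rendered is the more durable control.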