use lemmy_api_common::{
context::LemmyContext,
person::{LoginResponse, SaveUserSettings},
- utils::{local_user_view_from_jwt, send_verification_email},
+ utils::{local_user_view_from_jwt, sanitize_html_opt, send_verification_email},
};
use lemmy_db_schema::{
source::{
let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
let site_view = SiteView::read_local(&mut context.pool()).await?;
+ let bio = sanitize_html_opt(&data.bio);
+ let display_name = sanitize_html_opt(&data.display_name);
+
let avatar = diesel_option_overwrite_to_url(&data.avatar)?;
let banner = diesel_option_overwrite_to_url(&data.banner)?;
- let bio = diesel_option_overwrite(&data.bio);
- let display_name = diesel_option_overwrite(&data.display_name);
- let matrix_user_id = diesel_option_overwrite(&data.matrix_user_id);
+ let bio = diesel_option_overwrite(bio);
+ let display_name = diesel_option_overwrite(display_name);
+ let matrix_user_id = diesel_option_overwrite(data.matrix_user_id.clone());
let email_deref = data.email.as_deref().map(str::to_lowercase);
- let email = diesel_option_overwrite(&email_deref);
+ let email = diesel_option_overwrite(email_deref.clone());
if let Some(Some(email)) = &email {
let previous_email = local_user_view.local_user.email.clone().unwrap_or_default();
let person_id = local_user_view.person.id;
let default_listing_type = data.default_listing_type;
let default_sort_type = data.default_sort_type;
+ let theme = sanitize_html_opt(&data.theme);
let person_form = PersonUpdateForm::builder()
.display_name(display_name)
.show_scores(data.show_scores)
.default_sort_type(default_sort_type)
.default_listing_type(default_listing_type)
- .theme(data.theme.clone())
+ .theme(theme)
.interface_language(data.interface_language.clone())
.totp_2fa_secret(totp_2fa_secret)
.totp_2fa_url(totp_2fa_url)