From d69af451e8f06c4cab9ab0bb554bcca8d4493e39 Mon Sep 17 00:00:00 2001 From: Roman Kelesidis Date: Mon, 5 Feb 2024 21:30:56 +0700 Subject: [PATCH] Update edit_user_profile.php --- library/ajax/edit_user_profile.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/ajax/edit_user_profile.php b/library/ajax/edit_user_profile.php index 65aab1d2..e2af0e69 100644 --- a/library/ajax/edit_user_profile.php +++ b/library/ajax/edit_user_profile.php @@ -128,6 +128,11 @@ switch ($field) $table = BB_BT_USERS; $value = (float) str_replace(',', '.', $this->request['value']); + if ($value < 0.0) + { + $this->ajax_die($lang['WRONG_INPUT']); + } + foreach (array('KB'=>1,'MB'=>2,'GB'=>3,'TB'=>4,'PB'=>5,'EB'=>6,'ZB'=>7,'YB'=>8) as $s => $m) { if (stripos($this->request['value'], $s) !== false)