From 728247f4e909196c3ccd8c16dcf4c333b1895f81 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Wed, 11 Aug 2021 14:19:53 +0200
Subject: [PATCH] Validate the languageVariable in I18nHandler::save()

---
 .../install/files/lib/system/language/I18nHandler.class.php    | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/wcfsetup/install/files/lib/system/language/I18nHandler.class.php b/wcfsetup/install/files/lib/system/language/I18nHandler.class.php
index d93a24a723..c8e3eb4803 100644
--- a/wcfsetup/install/files/lib/system/language/I18nHandler.class.php
+++ b/wcfsetup/install/files/lib/system/language/I18nHandler.class.php
@@ -3,6 +3,7 @@
 namespace wcf\system\language;
 
 use wcf\data\language\Language;
+use wcf\data\language\LanguageEditor;
 use wcf\system\database\util\PreparedStatementConditionBuilder;
 use wcf\system\exception\SystemException;
 use wcf\system\Regex;
@@ -305,6 +306,8 @@ class I18nHandler extends SingletonFactory
      */
     public function save($elementID, $languageVariable, $languageCategory, $packageID = PACKAGE_ID)
     {
+        LanguageEditor::validateItemName($languageVariable, $languageCategory);
+
         // get language category id
         $sql = "SELECT  languageCategoryID
                 FROM    wcf" . WCF_N . "_language_category
-- 
2.20.1