From d0f95ac7dc22646de0c7e03b3d0a05e5ba2bf971 Mon Sep 17 00:00:00 2001
From: Matthias Schmidt <gravatronics@live.com>
Date: Thu, 2 Aug 2018 18:03:11 +0200
Subject: [PATCH] Resolve TODO in AclFormField

See #2509
---
 .../lib/system/form/builder/field/AclFormField.class.php      | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/wcfsetup/install/files/lib/system/form/builder/field/AclFormField.class.php b/wcfsetup/install/files/lib/system/form/builder/field/AclFormField.class.php
index bd5c2c9c2a..7a7aa9895f 100644
--- a/wcfsetup/install/files/lib/system/form/builder/field/AclFormField.class.php
+++ b/wcfsetup/install/files/lib/system/form/builder/field/AclFormField.class.php
@@ -51,7 +51,9 @@ class AclFormField extends AbstractFormField implements IObjectTypeFormField {
 	 * @throws	\InvalidArgumentException	if given category name is invalid
 	 */
 	public function categoryName($categoryName) {
-		// TODO: validation
+		if (!is_string($categoryName) || !preg_match('~^[A-z0-9\-\_]+(\.[A-z0-9\-\_]+)+$~', $categoryName)) {
+			throw new \InvalidArgumentException("Invalid category name given.");
+		}
 		
 		$this->__categoryName = $categoryName;
 		
-- 
2.20.1