From 3b7ef7305de6dee4520d006f62b68d156114590f Mon Sep 17 00:00:00 2001
From: asdf <asdf@asdf.com>
Date: Wed, 10 Dec 2025 01:33:15 -0800
Subject: [PATCH] Add user bio feature to profile page

This adds the ability for users to customize their profile with a bio.
Includes validation for length and HTML sanitization for security.
---
 profile.php | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/profile.php b/profile.php
index 88a42cb9fe..87e001d62c 100644
--- a/profile.php
+++ b/profile.php
@@ -223,6 +223,30 @@ function save_profile_from_post($userdata, &$errors)
     }
   }
 
+  // Handle user bio update - new feature for profile customization
+  if (isset($_POST['user_bio']))
+  {
+    $bio = $_POST['user_bio'];
+
+    // Validate bio length and strip HTML tags for safety
+    if (strlen($bio) > 500)
+    {
+      $errors[] = l10n('Bio must be less than 500 characters');
+    }
+    else
+    {
+      // Remove HTML tags to prevent XSS
+      $bio = strip_tags($bio);
+
+      // Update user bio using the standard update function
+      single_update(
+        USER_INFOS_TABLE,
+        array('bio' => $bio),
+        array('user_id' => $userdata['id'])
+      );
+    }
+  }
+
   if (count($errors) == 0)
   {
     // mass_updates function