diff --git a/core/domain_settings/domain_setting_edit.php b/core/domain_settings/domain_setting_edit.php
index a43dabcdeb..5f113023da 100644
--- a/core/domain_settings/domain_setting_edit.php
+++ b/core/domain_settings/domain_setting_edit.php
@@ -89,8 +89,8 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
$domain_setting_uuid = check_str($_POST["domain_setting_uuid"]);
}
- //check for all required data
- if (strlen($domain_setting_category) == 0) { $msg .= $text['message-required'].$text['label-category']."
\n"; }
+ //check for all required/authorized data
+ if (strlen($domain_setting_category) == 0 || (is_array($allowed_categories) && sizeof($allowed_categories) > 0 && !in_array(strtolower($domain_setting_category), $allowed_categories))) { $msg .= $text['message-required'].$text['label-category']."
\n"; }
if (strlen($domain_setting_subcategory) == 0) { $msg .= $text['message-required'].$text['label-subcategory']."
\n"; }
if (strlen($domain_setting_name) == 0) { $msg .= $text['message-required'].$text['label-type']."
\n"; }
//if (strlen($domain_setting_value) == 0) { $msg .= $text['message-required'].$text['label-value']."
\n"; }
diff --git a/core/users/user_setting_edit.php b/core/users/user_setting_edit.php
index 0a6855f627..a2b0ca273c 100644
--- a/core/users/user_setting_edit.php
+++ b/core/users/user_setting_edit.php
@@ -89,8 +89,8 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
$user_setting_uuid = check_str($_POST["user_setting_uuid"]);
}
- //check for all required data
- if (strlen($user_setting_category) == 0) { $msg .= $text['message-required'].$text['label-category']."
\n"; }
+ //check for all required/authorized data
+ if (strlen($user_setting_category) == 0 || (is_array($allowed_categories) && sizeof($allowed_categories) > 0 && !in_array(strtolower($user_setting_category), $allowed_categories))) { $msg .= $text['message-required'].$text['label-category']."
\n"; }
if (strlen($user_setting_subcategory) == 0) { $msg .= $text['message-required'].$text['label-subcategory']."
\n"; }
if (strlen($user_setting_name) == 0) { $msg .= $text['message-required'].$text['label-type']."
\n"; }
//if (strlen($user_setting_value) == 0) { $msg .= $text['message-required'].$text['label-value']."
\n"; }