Clean all preferences, fixes setting preferences

preferences.php

@@ -21,6 +21,15 @@ $aClean['ext_realname'] = makeSafe($REQUEST['ext_realname']);
 $aClean['CVSrelease'] = makeSafe($REQUEST['CVSrelease']);
 $aClean['ext_hasadmin'] = makeSafe($POST['ext_hasadmin']); 
 
+/* filter all of the preferences */
+while(list($key, $value) = each($_REQUEST))
+{
+    if(ereg("^pref_(.+)$", $key, $arr))
+        $aClean[$key] = makeSafe($value);
+}
+
+
+
 
 if(!$_SESSION['current']->isLoggedIn())
 {
@@ -95,6 +104,8 @@ if($_POST)
 {   
     while(list($key, $value) = each($aClean))
     {
+        /* if a parameter lacks 'pref_' at its head it isn't a */
+        /* preference so skip over processing it */
         if(!ereg("^pref_(.+)$", $key, $arr))
             continue;
         $oUser->setPref($arr[1], $value);