Missig zx and email sanitization / validation.

[not-a-feature]

Missing sanitization / validation of the user data. Allowing to inject arbitratry code into the email.
This can be abused to send malicous emails from a trusted domain.

To prevent this use direct input filtering and validation of the zx nick (length, regex, ..) and name.
This would also simplify https://github.com/fsi-tue/hhi/blob/de129958a51823332c06d13f0bf14eaf9d459424/src/register.php#L60C13-L60C174

$mail->addAddress(str_contains($entry["entryZxNick"], "@") ? $entry["entryZxNick"] : ($entry["entryZxNick"] . "@student.uni-tuebingen.de"), $entry["entryName"]);

as we don't need the switch statement anymore.

See: https://www.php.net/function.filter-input

[PhictionalOne]

It's not a bug it's a feature. As we want to allow Dinos without valid zx identification to participate as well. This shouldn't be "public" knowledge though.