diff --git a/app/v1/self.go b/app/v1/self.go
index e517e49..eb2d12b 100644
--- a/app/v1/self.go
+++ b/app/v1/self.go
@@ -1,6 +1,11 @@
 package v1
 
-import "git.zxq.co/ripple/rippleapi/common"
+import (
+	"strings"
+
+	"git.zxq.co/ripple/rippleapi/common"
+	"git.zxq.co/ripple/semantic-icons-ugc"
+)
 
 type donorInfoResponse struct {
 	common.ResponseBase
@@ -61,7 +66,13 @@ func UsersSelfSettingsPOST(md common.MethodData) common.CodeMessager {
 
 	// input sanitisation
 	d.UsernameAKA = common.SanitiseString(d.UsernameAKA)
-	d.CustomBadge.Name = common.SanitiseString(d.CustomBadge.Name)
+	if md.User.UserPrivileges&common.UserPrivilegeDonor > 0 {
+		d.CustomBadge.Name = common.SanitiseString(d.CustomBadge.Name)
+		d.CustomBadge.Icon = sanitiseIconName(d.CustomBadge.Icon)
+	} else {
+		d.CustomBadge.singleBadge = singleBadge{}
+		d.CustomBadge.Show = nil
+	}
 	d.FavouriteMode = intPtrIn(0, d.FavouriteMode, 3)
 
 	q := new(common.UpdateQuery).
@@ -79,6 +90,26 @@ func UsersSelfSettingsPOST(md common.MethodData) common.CodeMessager {
 	return UsersSelfSettingsGET(md)
 }
 
+func sanitiseIconName(s string) string {
+	classes := strings.Split(s, " ")
+	n := make([]string, 0, len(classes))
+	for _, c := range classes {
+		if !in(c, n) && in(c, semanticiconsugc.SaneIcons) {
+			n = append(n, c)
+		}
+	}
+	return strings.Join(n, " ")
+}
+
+func in(a string, b []string) bool {
+	for _, x := range b {
+		if x == a {
+			return true
+		}
+	}
+	return false
+}
+
 type userSettingsResponse struct {
 	common.ResponseBase
 	ID       int    `json:"id"`
diff --git a/common/sanitisation.go b/common/sanitisation.go
index 1b4d61e..e9a1c76 100644
--- a/common/sanitisation.go
+++ b/common/sanitisation.go
@@ -8,7 +8,7 @@ import (
 func SanitiseString(s string) string {
 	n := make([]rune, 0, len(s))
 	for _, c := range s {
-		if !unicode.Is(unicode.Other, c) {
+		if c == '\n' || !unicode.Is(unicode.Other, c) {
 			n = append(n, c)
 		}
 	}