I noticed that there is no validation for a Domain name created by an administrator.
I think this is not an actual problem because I see that the path name is validated before every usage but... anyway It should be better to apply some validations even if the operator is the sysadmin. Isn't it?
I think about PHP's `FILTER_VALIDATE_DOMAIN` and/or your function `require_safe_dirname` that I see defined in `include/functions.php`