in members.php find two times:
if ($image_name == "") {
Insert above:
if ($user_info['user_level'] != ADMIN && preg_match("#[<>]#", $image_name))
{
$error = 1;
$field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['image_name']), $lang['bad_characters']);
$msg .= (($msg != "") ? "<br />" : "").$field_error;
}
in lang/<your language>/main.php add:
$lang['bad_characters'] = "Unacceptable characters in {field_name}";
P.S. test it with non-admin account.