git.mjollnir.org Git - moodle.git/commit
OK, I've rationalised the text formatting now. Basically, both Moodle and
author moodler <moodler>
Fri, 18 Oct 2002 09:09:19 +0000 (09:09 +0000)
committer moodler <moodler>
Fri, 18 Oct 2002 09:09:19 +0000 (09:09 +0000)
commit 3fe3851d57edb91865702ff7d90c1e1d3f6f2b03
tree d614bd67baef9b1c134f0cd829671eb23c93a197
parent a0bac19d81e04081cb2409110eb538adf3998c36
OK, I've rationalised the text formatting now.  Basically, both Moodle and
HTML text allow the same range of HTML tags (so it doesn't matter if you
switch from one to the other).

<IMG> and <A> are now ALLOWED in Moodle text.  However, the clean_text
function now checks for and removes any embedded javascript triggers
to avoid cross-site scripting attacks that way.

clean_text() should be called on ANY text that comes in from students.
lib/weblib.php
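
The commit message above says that once <IMG> and <A> are allowed, embedded javascript triggers have to be removed from them. The following PHP is an added example of that kind of cleaning, not code from this commit or from Moodle: the function names `clean_student_text` and `url_scheme_allowed` and the tag, attribute and scheme lists are assumptions. It shows why filtering tags alone is not enough, since `strip_tags()` leaves the attributes of allowed tags untouched.

```php
<?php
// Added example, not Moodle's clean_text(); the three lists are assumptions.
const ALLOWED_TAGS = '<a><img><b><i><u><em><strong><p><br><ul><ol><li>';
const ALLOWED_ATTRS = ['a' => ['href', 'title'], 'img' => ['src', 'alt', 'width', 'height']];
const ALLOWED_SCHEMES = ['http', 'https', 'mailto'];

function url_scheme_allowed(string $url): bool
{
    // Browsers skip whitespace and control characters inside a scheme name.
    $url = preg_replace('/[\x00-\x20]+/', '', $url);
    if (!preg_match('/^([a-z][a-z0-9+.\-]*):/i', $url, $m)) {
        return true; // no scheme: relative URL
    }
    return in_array(strtolower($m[1]), ALLOWED_SCHEMES, true);
}

function clean_student_text(string $html): string
{
    // 1. Drop every tag outside the allow-list; attributes of kept tags survive.
    $html = strip_tags($html, ALLOWED_TAGS);
    // 2. Parse the rest so attributes are checked after the parser has
    //    decoded character references and normalised names.
    $doc = new DOMDocument();
    $previous = libxml_use_internal_errors(true);
    $doc->loadHTML('<?xml encoding="UTF-8"><div>' . $html . '</div>');
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    $wrap = $doc->getElementsByTagName('div')->item(0); // input has no <div> left
    foreach ($wrap->getElementsByTagName('*') as $el) {
        $keep = ALLOWED_ATTRS[$el->nodeName] ?? [];
        foreach (iterator_to_array($el->attributes, false) as $attr) {
            $name = strtolower($attr->nodeName);
            // Event-handler attributes (onclick, onerror, ...) and style are
            // not in the allow-list, so they are removed here.
            $ok = in_array($name, $keep, true);
            if ($ok && in_array($name, ['href', 'src'], true)) {
                $ok = url_scheme_allowed($attr->value);
            }
            if (!$ok) {
                $el->removeAttribute($attr->nodeName);
            }
        }
    }
    // 3. Serialise only the wrapper's children.
    $out = '';
    foreach ($wrap->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

// Constructed sample input.
echo clean_student_text('<p>Hi <a href="http://example.org/" onclick="x()">link</a> <img src="pic.png" onerror="x()"></p>'), "\n";
```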