}
function validate($data) {
- $cleaned = clean_param($data, PARAM_NOTAGS);
+ $cleaned = stripslashes(clean_param($data, PARAM_MULTILANG));
if ($cleaned == '') {
return false; // can not be empty
}
- return ("$data" == "$cleaned"); // implicit conversion to string is needed to do exact comparison
+ return ($data == $cleaned); // implicit conversion to string is needed to do exact comparison
}
function write_setting($data) {
} else {
$return .= '<br />';
}
- $return .= '<input type="checkbox" name="s_'.$this->name.'['.$roleid.']" value="1"'.$checked.' /> '.$role->name;
+ $return .= '<input type="checkbox" name="s_'.$this->name.'['.$roleid.']" value="1"'.$checked.' /> '.format_string($role->name);
}
$return .= '</div>';
}