From: skodak Date: Sun, 23 Sep 2007 13:13:13 +0000 (+0000) Subject: MDL-11414 fixed handling of log urls (problem reported by Andreas Nolden) X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=024ef5288a477276466898997dedfed9e6386341;p=moodle.git MDL-11414 fixed handling of log urls (problem reported by Andreas Nolden) --- diff --git a/course/lib.php b/course/lib.php index 76f3a7a89b..9ea5061781 100644 --- a/course/lib.php +++ b/course/lib.php @@ -514,7 +514,7 @@ function print_log($course, $user=0, $date=0, $order="l.time ASC", $page=0, $per $log->url = strip_tags(urldecode($log->url)); // Some XSS protection $log->info = strip_tags(urldecode($log->info)); // Some XSS protection - $log->url = str_replace('&', '&', $log->url); /// XHTML compatibility + $log->url = s($log->url); /// XSS protection and XHTML compatibility - should be in link_to_popup_window() instead!! echo ''; if ($course->id == SITEID) {