From: moodler <moodler>
Date: Mon, 9 Jun 2003 06:18:45 +0000 (+0000)
Subject: Added a check to disable VBSscript as well
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=0cd84e67ead1657b57acdc178320aac52fe5ab6a;p=moodle.git

Added a check to disable VBSscript as well
---

diff --git a/lib/weblib.php b/lib/weblib.php
index 605cb8ed51..1e085f7d09 100644
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -512,7 +512,8 @@ function clean_text($text, $format) {
         case FORMAT_WIKI:
             $text = strip_tags($text, $ALLOWED_TAGS);
             $text = str_ireplace("javascript:", " ", $text);           // Remove javascript: label
-            $text = eregi_replace("([^a-z])on([a-z]+)([[:space:]]*)=", " ", $text);  // Remove javascript triggers
+            $text = eregi_replace("([^a-z])language([[:space:]]*)=", " ", $text);    // Remove javascript/VBScript
+            $text = eregi_replace("([^a-z])on([a-z]+)([[:space:]]*)=", " ", $text);  // Remove script events
             return $text;
 
         case FORMAT_PLAIN: