From: nfreear Date: Fri, 21 Dec 2007 11:12:43 +0000 (+0000) Subject: MDL-7493 further fix: strip_tags from title strings because the titles may have HTML... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=1200d3d05d140668ca6ba8eeead05c1c892f4323;p=moodle.git MDL-7493 further fix: strip_tags from title strings because the titles may have HTML in them. -From Martin D/moodler in moodleblock.class.php - thanks. --- diff --git a/lib/weblib.php b/lib/weblib.php index 374c2d09fa..99b034a807 100644 --- a/lib/weblib.php +++ b/lib/weblib.php @@ -6508,8 +6508,8 @@ function print_side_block_end($attributes = array(), $title='') { echo ''; - $strshow = addslashes_js(get_string('showblocka', 'access', $title)); - $strhide = addslashes_js(get_string('hideblocka', 'access', $title)); + $strshow = addslashes_js(get_string('showblocka', 'access', strip_tags($title))); + $strhide = addslashes_js(get_string('hideblocka', 'access', strip_tags($title))); // IE workaround: if I do it THIS way, it works! WTF? if (!empty($CFG->allowuserblockhiding) && isset($attributes['id'])) {