Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

MDL-31101 format_string: Don't mangle < and > in strings like x < 1.

  • Loading branch information...
commit 675d9968850371445d7070e0dfe44d2eb65fe830 1 parent 6d768d0
Tim Hunt timhunt authored
Showing with 20 additions and 5 deletions.
  1. +17 −0 lib/simpletest/testweblib.php
  2. +3 −5 lib/weblib.php
17 lib/simpletest/testweblib.php
View
@@ -23,6 +23,8 @@ function tearDown() {
}
function test_format_string() {
+ global $CFG;
+
// Ampersands
$this->assertEqual(format_string("& &&&&& &&"), "&amp; &amp;&amp;&amp;&amp;&amp; &amp;&amp;");
$this->assertEqual(format_string("ANother & &&&&& Category"), "ANother &amp; &amp;&amp;&amp;&amp;&amp; Category");
@@ -37,6 +39,21 @@ function test_format_string() {
// Unicode entities
$this->assertEqual(format_string("&#4475;"), "&#4475;");
+
+ // < and > signs
+ $originalformatstringstriptags = $CFG->formatstringstriptags;
+
+ $CFG->formatstringstriptags = false;
+ $this->assertEqual(format_string('x < 1'), 'x &lt; 1');
+ $this->assertEqual(format_string('x > 1'), 'x &gt; 1');
+ $this->assertEqual(format_string('x < 1 and x > 0'), 'x &lt; 1 and x &gt; 0');
+
+ $CFG->formatstringstriptags = true;
+ $this->assertEqual(format_string('x < 1'), 'x &lt; 1');
+ $this->assertEqual(format_string('x > 1'), 'x &gt; 1');
+ $this->assertEqual(format_string('x < 1 and x > 0'), 'x &lt; 1 and x &gt; 0');
+
+ $CFG->formatstringstriptags = $originalformatstringstriptags;
}
function test_s() {
8 lib/weblib.php
View
@@ -1199,11 +1199,9 @@ function reset_text_filters_cache() {
* need filter processing e.g. activity titles, post subjects,
* glossary concepts.
*
- * @global object
- * @global object
- * @global object
* @staticvar bool $strcache
- * @param string $string The string to be filtered.
+ * @param string $string The string to be filtered. Should be plain text, expect
+ * possibly for multilang tags.
* @param boolean $striplinks To strip any link in the result text.
Moodle 1.8 default changed from false to true! MDL-8713
* @param array $options options array/object or courseid
@@ -1261,7 +1259,7 @@ function format_string($string, $striplinks = true, $options = NULL) {
// If the site requires it, strip ALL tags from this string
if (!empty($CFG->formatstringstriptags)) {
- $string = strip_tags($string);
+ $string = str_replace(array('<', '>'), array('&lt;', '&gt;'), strip_tags($string));
} else {
// Otherwise strip just links if that is required (default)
Please sign in to comment.
Something went wrong with that request. Please try again.