MDL-21769 fixed input validation
[moodle.git] / blog / edit.php
index 82fd010..d35cb83 100755 (executable)
@@ -87,6 +87,9 @@ if ($id) {
         print_error('notallowedtoedit', 'blog');
     }
     $userid = $entry->userid;
+    $entry->subject      = clean_text($entry->subject);
+    $entry->summary      = clean_text($entry->summary, $entry->format);
+    
 } else {
     if (!has_capability('moodle/blog:create', $sitecontext)) {
         print_error('noentry', 'blog'); // manageentries is not enough for adding