MDL-52552 course management: insufficient cleaning of search output

author Dan Poltawski <dan@moodle.com>

Fri, 18 Dec 2015 11:34:13 +0000 (11:34 +0000)

committer Andrew Nicols <andrew@nicols.co.uk>

Mon, 4 Jan 2016 02:13:58 +0000 (10:13 +0800)
author Dan Poltawski <dan@moodle.com>
Fri, 18 Dec 2015 11:34:13 +0000 (11:34 +0000)
committer Andrew Nicols <andrew@nicols.co.uk>
Mon, 4 Jan 2016 02:13:58 +0000 (10:13 +0800)
diff --git a/course/classes/management_renderer.php b/course/classes/management_renderer.php

index 6f02f93..ed28b03 100644 (file)
--- a/course/classes/management_renderer.php
+++ b/course/classes/management_renderer.php
@@ -1130,7 +1130,7 @@ class core_course_management_renderer extends plugin_renderer_base {
          $totalpages = ceil($totalcourses / $perpage);
          if ($showtotals) {
              if ($totalpages == 0) {
-                $str = get_string('nocoursesfound', 'moodle', $search);
+                $str = get_string('nocoursesfound', 'moodle', s($search));
              } else if ($totalpages == 1) {
                  $str = get_string('showingacourses', 'moodle', $totalcourses);
              } else {
author	Dan Poltawski <dan@moodle.com>
	Fri, 18 Dec 2015 11:34:13 +0000 (11:34 +0000)
committer	Andrew Nicols <andrew@nicols.co.uk>
	Mon, 4 Jan 2016 02:13:58 +0000 (10:13 +0800)