MDL-41941 clean message text
authorPetr Škoda <commits@skodak.org>
Mon, 4 Nov 2013 03:43:50 +0000 (11:43 +0800)
committerDan Poltawski <dan@moodle.com>
Mon, 4 Nov 2013 03:43:50 +0000 (11:43 +0800)
message/lib.php

index 0d76548..e0e8756 100644 (file)
@@ -1979,6 +1979,8 @@ function message_format_message($message, $format='', $keywords='', $class='othe
         $messagetext = highlight($keywords, $messagetext);
     }
 
+    $messagetext = clean_text($messagetext, FORMAT_HTML);
+
     return '<div class="message '.$class.'"><a name="m'.$message->id.'"></a> <span class="time">'.$time.'</span>: <span class="content">'.$messagetext.'</span></div>';
 }