Merge branch 'MDL-53635-master' of git://github.com/jleyva/moodle

author David Monllao <davidm@moodle.com>

Mon, 2 May 2016 07:38:11 +0000 (15:38 +0800)

committer David Monllao <davidm@moodle.com>

Mon, 2 May 2016 07:38:11 +0000 (15:38 +0800)
author David Monllao <davidm@moodle.com>
Mon, 2 May 2016 07:38:11 +0000 (15:38 +0800)
committer David Monllao <davidm@moodle.com>
Mon, 2 May 2016 07:38:11 +0000 (15:38 +0800)
diff --git a/message/output/airnotifier/message_output_airnotifier.php b/message/output/airnotifier/message_output_airnotifier.php

index d5306b5..c4f3e9a 100644 (file)
--- a/message/output/airnotifier/message_output_airnotifier.php
+++ b/message/output/airnotifier/message_output_airnotifier.php
@@ -83,8 +83,19 @@ class message_output_airnotifier extends message_output {
  
          // Site name.
          $site = get_site();
-        $extra->sitefullname = format_string($site->fullname);
-        $extra->siteshortname = format_string($site->shortname);
+        $extra->sitefullname = clean_param(format_string($site->fullname), PARAM_NOTAGS);
+        $extra->siteshortname = clean_param(format_string($site->shortname), PARAM_NOTAGS);
+
+        // Clean HTML, push notifications must arrive clean.
+        if (!empty($extra->smallmessage)) {
+            $extra->smallmessage = clean_param($extra->smallmessage, PARAM_NOTAGS);
+        }
+        if (!empty($extra->fullmessage)) {
+            $extra->fullmessage = clean_param($extra->fullmessage, PARAM_NOTAGS);
+        }
+        if (!empty($extra->fullmessagehtml)) {
+            $extra->fullmessagehtml = clean_param($extra->fullmessagehtml, PARAM_NOTAGS);
+        }
  
          // We are sending to message to all devices.
          $airnotifiermanager = new message_airnotifier_manager();
author	David Monllao <davidm@moodle.com>
	Mon, 2 May 2016 07:38:11 +0000 (15:38 +0800)
committer	David Monllao <davidm@moodle.com>
	Mon, 2 May 2016 07:38:11 +0000 (15:38 +0800)