Closed pejhab closed 11 years ago
It looks like it will be cleaned regardless of trusted content as the message field is defined as type PARAM_CLEANHTML - which seems to clean the text prior to it being saved to DB.
In theory the message should be passed through get_formatted_message() before being used anywhere so it might be safe to stop cleaning the saved text and rely on cleaning there (which it does do presently but doesn't support trusted content capability).
I'll look into this as there may be parts of the code in other areas that don't use get_formatted_message() so we'd need to ensure the message content always gets passed through there if it is not cleaned when saving to DB.
Would hopefully be able to do this for the 2.4 release (which would be in github in the next few weeks, and 'officially' released in June).
Has been in Master for a while, now in 24 stable branch
https://github.com/moodleou/moodle-mod_forumng/commit/03ce17ed2868e5e07dc0d0aa338423f63fdc2e19
Hello,
I am copy-and-pasting this at Sam Marshall's recommendation:
I use certain html tags such as "div id" in the forum discussion topic and post texts. With the standard forum this works without any problem (and I can modify the css to change the effect we get in texts) but when I copy and paste the same exact html into forumNG and save it, it is stripped of parts of the codes, e.g:
becomes:
This seems to be a forumNG bug. (or have I got something wrong?)
Thanks,
P. H.