Minor - updated comments about HTML style filtering

15 years ago · 424f57b2a7
parent e003ab11fe
commit 424f57b2a7
2 changed files with 9 additions and 7 deletions
--- a/main/forum/forumfunction.inc.php
+++ b/main/forum/forumfunction.inc.php
@ -3262,8 +3262,9 @@ function prepare4display($input='') {
 				$counter++;
 			}
 		}
-		//return api_html_entity_decode(stripslashes($input));
-		return Security::remove_XSS($input, STUDENT);
+        //return api_html_entity_decode(stripslashes($input));
+        //change this to COURSEMANAGERLOWSECURITY or COURSEMANAGER to lower filtering and allow more styles (see comments of Security::remove_XSS() method to learn about other levels)
+        return Security::remove_XSS($input, STUDENT);
 	} else {
 		$returnarray=array_walk($input, 'api_html_entity_decode');
 		$returnarray=array_walk($input, 'stripslashes');
--- a/main/forum/viewthread_flat.inc.php
+++ b/main/forum/viewthread_flat.inc.php
@ -111,7 +111,7 @@ if (isset($current_thread['thread_id'])){
 			}
 		}
 		echo "</td>";
-		// show the
+		// prepare the notification icon
 		if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) {
 			$post_image=icon('../img/forumpostnew.gif');
 		} else {
@ -124,10 +124,11 @@ if (isset($current_thread['thread_id'])){
 		
 		echo "</tr>";
 		
-		// The post message
-		echo "<tr>";
-		echo "<td class=\"$messageclass\">".prepare4display($row['post_text'])."</td>";
-		echo "</tr>";
+        // The post message
+        echo "<tr>";
+        // see comments inside forumfunction.inc.php to lower filtering and allow more visual changes
+        echo "<td class=\"$messageclass\">".prepare4display($row['post_text'])."</td>";
+        echo "</tr>";
 	
 		// The check if there is an attachment