diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php
index 1558018ef8..14df283073 100755
--- a/main/forum/forumfunction.inc.php
+++ b/main/forum/forumfunction.inc.php
@@ -3262,8 +3262,9 @@ function prepare4display($input='') {
 $counter++;
 }
 }
- //return api_html_entity_decode(stripslashes($input));
- return Security::remove_XSS($input, STUDENT);
+ //return api_html_entity_decode(stripslashes($input));
+ //change this to COURSEMANAGERLOWSECURITY or COURSEMANAGER to lower filtering and allow more styles (see comments of Security::remove_XSS() method to learn about other levels)
+ return Security::remove_XSS($input, STUDENT);
 } else {
 $returnarray=array_walk($input, 'api_html_entity_decode');
 $returnarray=array_walk($input, 'stripslashes');
diff --git a/main/forum/viewthread_flat.inc.php b/main/forum/viewthread_flat.inc.php
index d4c1a11749..e3b7461e54 100755
--- a/main/forum/viewthread_flat.inc.php
+++ b/main/forum/viewthread_flat.inc.php
@@ -111,7 +111,7 @@ if (isset($current_thread['thread_id'])){
 }
 }
 echo "";
- // show the
+ // prepare the notification icon
 if (isset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id']][$row['post_id']]) and !empty($whatsnew_post_info[$_GET['forum']][$row['thread_id']])) {
 $post_image=icon('../img/forumpostnew.gif');
 } else {
@@ -124,10 +124,11 @@ if (isset($current_thread['thread_id'])){
 echo "";
- // The post message
- echo "";
- echo "".prepare4display($row['post_text'])."";
- echo "";
+ // The post message
+ echo "";
+ // see comments inside forumfunction.inc.php to lower filtering and allow more visual changes
+ echo "".prepare4display($row['post_text'])."";
+ echo "";
 // The check if there is an attachment
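Review bot: In main/forum/forumfunction.inc.php, the comment added above `return Security::remove_XSS($input, STUDENT);` explains how to relax filtering but not its scope: the level is a fixed argument, so whatever value is put there applies to every string passed to prepare4display(), regardless of who wrote it. The second file in this commit passes `$row['post_text']` through the same call, so a lower level would presumably also relax filtering of post bodies written by students. I would say so in the comment, for example `// the level chosen here applies to all forum content shown through this function, whoever the author is; only lower it if every forum author may be trusted with richer HTML`. The pointer added in viewthread_flat.inc.php (`// see comments inside forumfunction.inc.php to lower filtering ...`) inherits the same gap. prepare4display() starts above this hunk and continues below it, so whether the array branch is filtered at all cannot be judged from here.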