From 4f0a911d5bbc82af92067392929227ff0328fcee Mon Sep 17 00:00:00 2001
From: Hubert Borderiou <baelmyhu@gmail.com>
Date: Thu, 12 Dec 2013 15:49:18 +0100
Subject: [PATCH] Add htmlentities to Exercice Title to avoid HTML issues

The title of an exercice is not made to have special design or html feature.
It is a title.
If the title of the exercice is
Example of <div> use
The text to display is this one, with html tags displayed as text
---
 main/exercice/exercise.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/main/exercice/exercise.class.php b/main/exercice/exercise.class.php
index 132cc2013a..1cfa82abcd 100644
--- a/main/exercice/exercise.class.php
+++ b/main/exercice/exercise.class.php
@@ -1229,7 +1229,7 @@ class Exercise {
      */
     function processCreation($form, $type='') {
 
-        $this->updateTitle($form->getSubmitValue('exerciseTitle'));
+        $this->updateTitle(htmlentities($form->getSubmitValue('exerciseTitle')));
         $this->updateDescription($form->getSubmitValue('exerciseDescription'));
         $this->updateAttempts($form->getSubmitValue('exerciseAttempts'));
         $this->updateFeedbackType($form->getSubmitValue('exerciseFeedbackType'));