A fix for kses problems with quotes ...

lib/moodlelib.php

@@ -194,6 +194,9 @@ function clean_param($param, $options) {
 
     if ($options & PARAM_CLEAN) {
         $param = clean_text($param);     // Sweep for scripts, etc
+        $param = str_replace('"', '\\\\"', $param);  // Because clean_text will strip them 
+                                                     // when checking HTML tags ...  I'm not 
+                                                     // sure if this is really necessary to replace
     }
 
     if ($options & PARAM_INT) {

lib/weblib.php

@@ -1269,7 +1269,7 @@ function cleanAttributes2($htmlTag){
     global $CFG, $ALLOWED_PROTOCOLS;
     require_once($CFG->libdir .'/kses.php');
 
-    $htmlTag = kses_stripslashes($htmlTag);
+    $htmlTag = str_replace('\\\\"', '"', $htmlTag);
     if (substr($htmlTag, 0, 1) != '<') {
         return '&gt;';  //a single character ">" detected
     }