From 418831e096cee6a93d202ea7993bce991fc6939e Mon Sep 17 00:00:00 2001
From: Michael Hawkins <michaelh@moodle.com>
Date: Wed, 28 Nov 2018 17:14:07 +0800
Subject: [PATCH] MDL-64240 mod_forum: Clean forum post text before storing

Previously only edited messages were cleaned, so longer strings could
be stored in the database, which would never be displayed.
This update takes into account trusted text before cleaning (as editing does).
---
 mod/forum/post.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/mod/forum/post.php b/mod/forum/post.php
index 8c5c2b9ba99..b8c86cb0593 100644
--- a/mod/forum/post.php
+++ b/mod/forum/post.php
@@ -696,6 +696,9 @@ if ($mformpost->is_cancelled()) {
     // WARNING: the $fromform->message array has been overwritten, do not use it anymore!
     $fromform->messagetrust  = trusttext_trusted($modcontext);
 
+    // Clean message text.
+    $fromform = trusttext_pre_edit($fromform, 'message', $modcontext);
+
     if ($fromform->edit) {           // Updating a post.
         unset($fromform->groupid);
         $fromform->id = $fromform->edit;