From 9d10d64e145a69093d5309b2fac36221728cbdfe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luca=20B=C3=B6sch?= <luca.boesch@bfh.ch>
Date: Tue, 6 Feb 2018 23:36:47 +0100
Subject: [PATCH 1/2] MDL-36157 block_rss_client: Don't double escape titles.

---
 blocks/rss_client/block_rss_client.php | 4 ++--
 blocks/rss_client/managefeeds.php      | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/blocks/rss_client/block_rss_client.php b/blocks/rss_client/block_rss_client.php
index 47e9e7831c5..c326d4299c8 100644
--- a/blocks/rss_client/block_rss_client.php
+++ b/blocks/rss_client/block_rss_client.php
@@ -273,9 +273,9 @@
     function format_title($title,$max=64) {
 
         if (core_text::strlen($title) <= $max) {
-            return s($title);
+            return $title;
         } else {
-            return s(core_text::substr($title,0,$max-3).'...');
+            return core_text::substr($title, 0, $max - 3) . '...';
         }
     }
 
diff --git a/blocks/rss_client/managefeeds.php b/blocks/rss_client/managefeeds.php
index 85cf983a8e4..d216c3c9d50 100644
--- a/blocks/rss_client/managefeeds.php
+++ b/blocks/rss_client/managefeeds.php
@@ -106,7 +106,7 @@ foreach($feeds as $feed) {
     if (!empty($feed->preferredtitle)) {
         $feedtitle = s($feed->preferredtitle);
     } else {
-        $feedtitle =  s($feed->title);
+        $feedtitle = $feed->title;
     }
 
     $viewlink = html_writer::link($CFG->wwwroot .'/blocks/rss_client/viewfeed.php?rssid=' . $feed->id . $extraparams, $feedtitle);

From 345a010ea49f5e9f3271cda5aa11ffdd29559900 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luca=20B=C3=B6sch?= <luca.boesch@bfh.ch>
Date: Tue, 6 Mar 2018 00:15:38 +0100
Subject: [PATCH 2/2] MDL-36157 block_rss_client: Don't double escape titles.

---
 blocks/rss_client/block_rss_client.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/blocks/rss_client/block_rss_client.php b/blocks/rss_client/block_rss_client.php
index c326d4299c8..bc6d7c5eee6 100644
--- a/blocks/rss_client/block_rss_client.php
+++ b/blocks/rss_client/block_rss_client.php
@@ -205,9 +205,11 @@
         }
 
         if(empty($feedrecord->preferredtitle)){
+            // Simplepie does escape HTML entities.
             $feedtitle = $this->format_title($simplepiefeed->get_title());
         }else{
-            $feedtitle = $this->format_title($feedrecord->preferredtitle);
+            // Moodle custom title does not does escape HTML entities.
+            $feedtitle = $this->format_title(s($feedrecord->preferredtitle));
         }
 
         if (empty($this->config->title)){
@@ -265,10 +267,12 @@
 
     /**
      * Strips a large title to size and adds ... if title too long
+     * This function does not escape HTML entities, so they have to be escaped
+     * before being passed here.
      *
      * @param string title to shorten
      * @param int max character length of title
-     * @return string title s() quoted and shortened if necessary
+     * @return string title shortened if necessary
      */
     function format_title($title,$max=64) {