MDL-23184 role description accepts any HTML, we have to trust people that can edit roles anyway

This commit is contained in:
Petr Skoda 2010-09-02 17:55:22 +00:00
parent 44913c8d47
commit cc1eebbb34

View File

@ -620,7 +620,7 @@ class define_role_table_advanced extends capability_table_with_risks {
}
// Description.
$description = optional_param('description', null, PARAM_CLEAN);
$description = optional_param('description', null, PARAM_RAW);
if (!is_null($description)) {
$this->role->description = $description;
}