MDL-78806 core: Remove redundant site name on page titles
* With the site name now being appended to the page titles, there
is no need to manually append the page titles.
The problem is that HTML Purifier is not compatible with Markdown,
that means we cannot sanitise Markdown texts before editing.
Luckily Markdown has to use plain text editor which does not have
XSS problems.
The only tiny downside is that Markdown cannot be allowed
in "trust text" areas any more.
In some cases, $CFG->lang might not be set, and this is causing a
Notice to be displayed when, for instance, database connection fails.
This patch should fix this case.
When questions are filtered by tags in the question bank, the qtagids
params are passed in the array format. Though moodle_url handles this,
single_button::export_for_template cannot. Hence changes done in
weblib.php to provide params for export_for_template in the
suitable format.
Thanks Huong. I have added the Behat test you provided in the patch.
Not critical to have, but better don't mention it. Note that all
the cases need to stay because there may be other environments
where the same problems are reproducible.
Only exception is the CURL_SSLVERSION_TLSv1_2 constant, that
can be safely removed because it's available since PHP 5.5.19.
- Markdown is saved to the DB, no conversion to HTML to keep
ability to reedit the content without beaking it.
- Blockquote element is styled that it's distingishable from
normal text.
Default value of the $flag argument changed in PHP 8.1 from ENT_COMPAT to ENT_QUOTES | ENT_SUBSTITUTE
To ensure consistent behavior across different PHP version the second parameter is now required for the functions:
htmlspecialchars(), htmlentities(), htmlspecialchars_decode(), html_entity_decode() and get_html_translation_table()
Plus additional amendments to Fred's original commit:
1. Updating the version numbers
2. Merging the original two-step upgrade below into one for simplicity:
1. Deleting the pictures for groups with hidepicture set to 1; and
2. Dropping the hidepicture field itself.
3. Converted array() usages to the short syntax [].
Before the patch, HTMLPurifier was instructed to handle <nolink>
tags in block mode. That implies that any block tag enclosing it
had to be closed for HTML compliance.
But <noscript> tags are not part of the final output (they are
removed) but just internally used to skip filtering certain areas.
So they can be virtually everywhere, HTMLPurifier just should allow
them without any change, both to parent or children tags.
$includetoken parameter type has been changed. Now supports:
boolean: False indicates to not include the token, true indicates to generate a token for the current user ($USER).
integer: Indicates to generate a token for the user whose id is the integer value.
The new configuration flag $CFG->forceclean overrides the noclean
option when calling format_text() so that the text is always
and unconditionally cleaned.
