function clean_text in Quiz 6.6

Same name and namespace in other branches

1. 6.5 includes/moodle_support.php \clean_text()

1 call to clean_text()

notify in includes/moodle_support.php

File

includes/moodle_support.php, line 326

Code

function clean_text($text, $format = FORMAT_MOODLE) {
  global $ALLOWED_TAGS, $CFG;
  if (empty($text) or is_numeric($text)) {
    return (string) $text;
  }
  switch ($format) {
    case FORMAT_PLAIN:
    case FORMAT_MARKDOWN:
      return $text;
    default:
      if (!empty($CFG->enablehtmlpurifier)) {
        $text = purify_html($text);
      }
      else {

        /// Fix non standard entity notations
        $text = preg_replace('/(&#[0-9]+)(;?)/', "\\1;", $text);
        $text = preg_replace('/(&#x[0-9a-fA-F]+)(;?)/', "\\1;", $text);

        /// Remove tags that are not allowed
        $text = strip_tags($text, $ALLOWED_TAGS);

        /// Clean up embedded scripts and , using kses

        // $text = cleanAttributes($text);  // FIXME too much work to port

        /// Again remove tags that are not allowed
        $text = strip_tags($text, $ALLOWED_TAGS);
      }

      /// Remove potential script events - some extra protection for undiscovered bugs in our code
      $text = eregi_replace("([^a-z])language([[:space:]]*)=", "\\1Xlanguage=", $text);
      $text = eregi_replace("([^a-z])on([a-z]+)([[:space:]]*)=", "\\1Xon\\2=", $text);
      return $text;
  }
}