Hi there. I don't think it is a bug as such, but it is the fact that the "less than" sign along with the "more than" sign is part of coding and so Moodle thinks it is some code you maybe shouldn't be putting in. I have tried to do ‹ and › by getting them from here http://copypastecharacter.com/
I agree with Mary - Moodle is seeing it as part of the coding. I have used typing in < where I want < and
> where I want > to get the more than, less than symbols to show.
> where I want > to get the more than, less than symbols to show.
Wouldnt that result in a security issue that moodle is not escaping these characters .... If I or a user tries to run a server side php code I am guessing he will be able run it ....
<?php
phpinfo();
?>
phpinfo();
?>
Sorry I do not understand your comment.
I am not a php person.....my reply was just from a simple understanding of Moodle is web based so therefore putting in a < sign from simple html coding it would be interpreted as as possibly as html tag and that is why you had the problem that you did. I have found no security issues in typing in the correct code to create a < or > that I wished to appear in a quiz question.
It may be that I did not understand completely what you were asking about.
I am not sure either, my understanding was anything that was being posted as html should be stripped otherwise there could be a security concern .. Is there a restriction on what html can be posted .. if not, then a hacker can deface a website by posting arbitrary html. Just a thought
If you want a really secure solution, then yes, the simple answer is never to let the user input HTML.
Unfortunately, for Moodle developers, communication and teaching is enhanced by being able to use richly styled content. So, we can't get around processing HTML. Therefore, we have a lot of code for cleaning up the HTML that in input, and it is that code that it stripping stuff that follows a < sign that does not look like a safe HTML tag. Note that this problem only occurs when you are not using the HTML editor.
Unfortunately, for Moodle developers, communication and teaching is enhanced by being able to use richly styled content. So, we can't get around processing HTML. Therefore, we have a lot of code for cleaning up the HTML that in input, and it is that code that it stripping stuff that follows a < sign that does not look like a safe HTML tag. Note that this problem only occurs when you are not using the HTML editor.
But Tim, what if the exam is on HTML? We are not all English teachers.... Moodle should not interpret HTML-Input, but enclose it in a preformatted tag. Same goes for programming code, which has lots of less than and greater than signs.
This problem seemed to have been solved and has now reappeared...
This problem seemed to have been solved and has now reappeared...
If you are teaching HTML, then you should know about the differences when using the HTML editor or not, and about escaping < as < where appropriate.
Moodle should handle teaching both English and HTML just fine, and it should do so with good usability for students and teachers. However, it is hard, and we are not quite there yet.
Moodle should handle teaching both English and HTML just fine, and it should do so with good usability for students and teachers. However, it is hard, and we are not quite there yet.