Index: lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/dto/GBActivityGridRowDTO.java =================================================================== diff -u -r3667835e31310dd9c09421264275fdb08ddd7123 -r5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06 --- lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/dto/GBActivityGridRowDTO.java (.../GBActivityGridRowDTO.java) (revision 3667835e31310dd9c09421264275fdb08ddd7123) +++ lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/dto/GBActivityGridRowDTO.java (.../GBActivityGridRowDTO.java) (revision 5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06) @@ -27,6 +27,7 @@ import java.util.Date; import java.util.Set; +import org.apache.commons.lang.StringEscapeUtils; import org.lamsfoundation.lams.gradebook.util.GBGridView; import org.lamsfoundation.lams.gradebook.util.GradebookUtil; import org.lamsfoundation.lams.learningdesign.CompetenceMapping; @@ -64,11 +65,11 @@ this.groupId = groupId; // If grouped acitivty, append group name - this.rowName = activity.getTitle() + " (" + groupName + ")"; + this.rowName = StringEscapeUtils.escapeHtml(activity.getTitle()) + " (" + groupName + ")"; } else { this.id = activity.getActivityId().toString(); - this.rowName = activity.getTitle(); + this.rowName = StringEscapeUtils.escapeHtml(activity.getTitle()); } //Constructs the competences for this activity. Index: lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/dto/GBLessonGridRowDTO.java =================================================================== diff -u -r3667835e31310dd9c09421264275fdb08ddd7123 -r5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06 --- lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/dto/GBLessonGridRowDTO.java (.../GBLessonGridRowDTO.java) (revision 3667835e31310dd9c09421264275fdb08ddd7123) +++ lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/dto/GBLessonGridRowDTO.java (.../GBLessonGridRowDTO.java) (revision 5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06) @@ -25,6 +25,8 @@ import java.util.ArrayList; +import org.apache.commons.lang.StringEscapeUtils; + import org.lamsfoundation.lams.gradebook.util.GBGridView; import org.lamsfoundation.lams.gradebook.util.GradebookUtil; @@ -52,6 +54,8 @@ ret.add(id.toString()); + rowName = StringEscapeUtils.escapeHtml(rowName); + if (view == GBGridView.MON_COURSE) { if (gradebookMonitorURL != null && gradebookMonitorURL.length() != 0) { ret.add("" + rowName Index: lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/dto/GBUserGridRowDTO.java =================================================================== diff -u -r3667835e31310dd9c09421264275fdb08ddd7123 -r5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06 --- lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/dto/GBUserGridRowDTO.java (.../GBUserGridRowDTO.java) (revision 3667835e31310dd9c09421264275fdb08ddd7123) +++ lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/dto/GBUserGridRowDTO.java (.../GBUserGridRowDTO.java) (revision 5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06) @@ -26,6 +26,8 @@ import java.util.ArrayList; import java.util.Date; +import org.apache.commons.lang.StringEscapeUtils; + import org.lamsfoundation.lams.gradebook.util.GBGridView; import org.lamsfoundation.lams.gradebook.util.GradebookUtil; import org.lamsfoundation.lams.usermanagement.User; @@ -47,7 +49,7 @@ public GBUserGridRowDTO(User user) { this.id = user.getUserId().toString(); - this.rowName = user.getLastName() + " " + user.getFirstName(); + this.rowName = StringEscapeUtils.escapeHtml(user.getLastName() + " " + user.getFirstName()); this.firstName = user.getFirstName(); this.lastName = user.getLastName(); } Index: lams_gradebook/web/gradebookCourseLearner.jsp =================================================================== diff -u -r35a0e719d061c08b52e705135bb2f2126079ed21 -r5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06 --- lams_gradebook/web/gradebookCourseLearner.jsp (.../gradebookCourseLearner.jsp) (revision 35a0e719d061c08b52e705135bb2f2126079ed21) +++ lams_gradebook/web/gradebookCourseLearner.jsp (.../gradebookCourseLearner.jsp) (revision 5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06) @@ -156,7 +156,7 @@

- ${fullName} +

Index: lams_gradebook/web/gradebookCourseMonitor.jsp =================================================================== diff -u -r7e111dfceb5cb118a72e4397389473ab07ad2ca7 -r5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06 --- lams_gradebook/web/gradebookCourseMonitor.jsp (.../gradebookCourseMonitor.jsp) (revision 7e111dfceb5cb118a72e4397389473ab07ad2ca7) +++ lams_gradebook/web/gradebookCourseMonitor.jsp (.../gradebookCourseMonitor.jsp) (revision 5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06) @@ -430,7 +430,7 @@

- ${organisationName} +

Index: lams_gradebook/web/gradebookMonitor.jsp =================================================================== diff -u -rfc2765358dd2ee073be452d5c1e265a3b7e404a1 -r5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06 --- lams_gradebook/web/gradebookMonitor.jsp (.../gradebookMonitor.jsp) (revision fc2765358dd2ee073be452d5c1e265a3b7e404a1) +++ lams_gradebook/web/gradebookMonitor.jsp (.../gradebookMonitor.jsp) (revision 5cbf5dea8b16101e8eba03b35d84ad92e1b0cc06) @@ -88,7 +88,7 @@ ], colModel:[ {name:'id', index:'id', sortable:false, editable:false, hidden:true, search:false, hidedlg:true}, - {name:'rowName',index:'rowName', sortable:true, editable:false}, + {name:'rowNamer',index:'rowName', sortable:true, editable:false, autoencode:true}, {name:'status',index:'status', sortable:false, editable:false, search:false, width:50, align:"center"}, {name:'timeTaken',index:'timeTaken', sortable:true, editable:false, search:false, width:80, align:"center"}, {name:'feedback',index:'feedback', sortable:false, editable:true, edittype:'textarea', editoptions:{rows:'4',cols:'20'}, search:false }, @@ -461,7 +461,7 @@

- ${lessonDetails.lessonName} +