Role name and description fields are currently not escaped when
exporting a role. This results in an unusable file when characters
such as ampersands are used in a name or description. Fix this by
using htmlspecialchars on both fields.
Signed-off-by: Nigel Cunningham <nigelc@catalyst-au.net>
action_icons should not be cached as they
have a unique id and if cache is used then
all icons will have same id.
Other solution is to replace id with some static
but it's not worth a cache for a page, so
removing cache
This is an extremely dangerous query, because it includes the user
table twice, along-side two other potentially large tables,
role_assignments and user_enrolments.
The solution is to rewrite the query so that:
1. The subquery is JOINed, not WHERE ... INed. Typically query
optimisers handle the JOIN case better.
2. Before the join was role-assignments <-> users <-> subquery.
That is, everything was linked to u.id.
Now the linking is role-assignments <-> subquery <-> users,
so the SELECT DISTINT eu1_u.id FROM {enrolled users} is central.
That seems to send a strong hint to the query optimiser about
a good order to execute the query.