extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-10-05 09:42:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

added some htmlspecialchars() to the values of input and textarea, to allow transparent use of " and '

Browse Source
This commit is contained in:
Ralf Becker 2003-06-14 13:47:41 +00:00
parent 7b12e0880c
commit 6ce761812e
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
etemplate/inc/class.html.inc.php
View File

@ -63,7 +63,7 @@ class html
}
while (list($k,$text) = each($arr))
{
$out .= '<option value="'.$k.'"';
$out .= '<option value="'.htmlspecialchars($k).'"';
if("$k" == "$key" || strstr(",$key,",",$k,"))
{
$out .= " SELECTED";
@ -99,14 +99,14 @@ class html
function textarea($name,$value='',$options='' )
{
return "<TEXTAREA name=\"$name\" $options>$value</TEXTAREA>\n";
return "<TEXTAREA name=\"$name\" $options>".htmlspecialchars($value)."</TEXTAREA>\n";
}
function input($name,$value='',$type='',$options='' )
{
if ($type) $type = 'TYPE="'.$type.'"';
return "<INPUT $type NAME=\"$name\" VALUE=\"$value\" $options>\n";
return "<INPUT $type NAME=\"$name\" VALUE=\"".htmlspecialchars($value)."\" $options>\n";
}
function submit_button($name,$lang,$onClick='',$no_lang=0,$options='',$image='',$app='')