From ce9c339c877d6bcd4365e657b5bd9e3260b23527 Mon Sep 17 00:00:00 2001
From: Ralf Becker <ralfbecker@outdoor-training.de>
Date: Sun, 9 May 2004 10:18:56 +0000
Subject: [PATCH] fixed for on??? atributes, which contain single quotes

---
 phpgwapi/inc/class.javascript.inc.php | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/phpgwapi/inc/class.javascript.inc.php b/phpgwapi/inc/class.javascript.inc.php
index e538f5e457..2ee3f8cd4e 100644
--- a/phpgwapi/inc/class.javascript.inc.php
+++ b/phpgwapi/inc/class.javascript.inc.php
@@ -86,9 +86,14 @@
 		*/
 		function get_body_attribs()
 		{
-			$js  = ($this->body['onLoad'] ? 'onLoad="' . addslashes($this->body['onLoad']) . '"' : '');
-			$js .= ($this->body['onUnload'] ? 'onUnLoad="' . addslashes($this->body['onUnload']) . '"': '');
-			$js .= ($this->body['onResize'] ? 'onResize="' . addslashes($this->body['onResize']) . '"': '');
+			$js = '';
+			foreach(array('onLoad','onUnload','onResize') as $what)
+			{
+				if (!empty($this->body[$what]))
+				{
+					$js .= ' '.$what.'="' . str_replace(array('"','\\'),array('\\"','\\\\'),$this->body[$what]) . '"';
+				}
+			}
 			return $js;
 		}