added validator for htmlarea, not yet tested, as it is not yet implemented on clientside

etemplate/inc/class.etemplate_widget_htmlarea.inc.php

@@ -0,0 +1,40 @@
+<?php
+/**
+ * EGroupware - eTemplate serverside htmlarea widget
+ *
+ * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
+ * @package etemplate
+ * @subpackage api
+ * @link http://www.egroupware.org
+ * @author Ralf Becker <RalfBecker@outdoor-training.de>
+ * @copyright 2002-11 by RalfBecker@outdoor-training.de
+ * @version $Id$
+ */
+
+/**
+ * eTemplate htmlarea widget
+ */
+class etemplate_widget_htmlarea extends etemplate_widget
+{
+	/**
+	 * Validate input
+	 *
+	 * Input is run throught HTMLpurifier, to make sure users can NOT enter javascript or other nasty stuff (XSS!).
+	 *
+	 * @param string $cname current namespace
+	 * @param array $content
+	 * @param array &$validated=array() validated content
+	 * @return boolean true if no validation error, false otherwise
+	 */
+	public function validate($cname, array $content, &$validated=array())
+	{
+		$form_name = self::form_name($cname, $this->id);
+
+		if (self::get_array($content, $form_name) && !$this->is_readonly($cname))
+		{
+			$valid =& self::get_array($validated, $form_name, true);
+
+			$valid = html::purify($value);
+		}
+	}
+}