From 9cff69d330760c133d2b22c96da7a89e319b2362 Mon Sep 17 00:00:00 2001 From: deva Date: Sun, 28 Feb 2010 13:06:39 +0000 Subject: Better control of xml enconding... still a lot of testing to do though. --- utils/forms.php | 37 ++++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 17 deletions(-) (limited to 'utils/forms.php') diff --git a/utils/forms.php b/utils/forms.php index 126d29f..0268315 100644 --- a/utils/forms.php +++ b/utils/forms.php @@ -1,4 +1,7 @@ \n"; - $str .= $indent . "
". $this->label ."
\n"; - $str .= $indent . "
name."]\" value=\"".$this->value."\"/>
\n"; + $str .= $indent . "
". xmlenc($this->label) ."
\n"; + $str .= $indent . "
name."]\" value=\"".xmlenc($this->value)."\"/>
\n"; $str .= $indent . "\n"; return $str; } @@ -32,8 +35,8 @@ class LineEditPwd { function render($indent = "") { $str = $indent . "
\n"; - $str .= $indent . "
". $this->label ."
\n"; - $str .= $indent . "
name."]\" value=\"".$this->value."\" type=\"password\"/>
\n"; + $str .= $indent . "
". xmlenc($this->label) ."
\n"; + $str .= $indent . "
name."]\" value=\"".xmlenc($this->value)."\" type=\"password\"/>
\n"; $str .= $indent . "
\n"; return $str; } @@ -52,7 +55,7 @@ class FileUpload { public function render($indent = "") { $str = $indent . "
\n"; - $str .= $indent . "
". $this->label . "
\n"; + $str .= $indent . "
". xmlenc($this->label) . "
\n"; $str .= $indent . "
name. "\" accept=\"". $this->accept ."\"/>
\n"; $str .= $indent . "
\n"; @@ -92,8 +95,8 @@ class CheckBox { public function render($indent = "") { $str = $indent . "
\n"; - $str .= $indent . "
". $this->label ."
\n"; - $str .= $indent . "
name."]\" value=\"".$this->value."\"/>
\n"; + $str .= $indent . "
". xmlenc($this->label) ."
\n"; + $str .= $indent . "
name."]\" value=\"".xmlenc($this->value)."\"/>
\n"; $str .= $indent . "
\n"; return $str; } @@ -113,12 +116,12 @@ class ComboBox { public function render($indent = "") { $str = $indent . "
\n"; - $str .= $indent . "
".$this->label."
\n"; + $str .= $indent . "
".xmlenc($this->label)."
\n"; $str .= $indent . "
\n"; $str .= $indent . " \n"; $str .= $indent . "
\n"; @@ -139,7 +142,7 @@ class Hidden { { $str = ""; foreach($this->values as $key => $value) { - $str .= $indent . "\n"; + $str .= $indent . "\n"; } return $str; } @@ -159,8 +162,8 @@ class TextEdit { function render($indent = "") { $str = $indent . "
\n"; - $str .= $indent . "
". $this->label ."
\n"; - $str .= $indent . "
\n"; + $str .= $indent . "
". xmlenc($this->label) ."
\n"; + $str .= $indent . "
\n"; $str .= $indent . "
\n"; return $str; } @@ -189,7 +192,7 @@ class DateTimeEdit { $year = date('Y',$t); $str = $indent . "
\n"; - $str .= $indent . "
".$this->label."
\n"; + $str .= $indent . "
".xmlenc($this->label)."
\n"; $str .= $indent . "
\n"; $str .= $indent . " name."_year]\" value=\"".$year."\"/>"; $str .= "/name."_month]\" value=\"".$month."\"/>"; @@ -237,7 +240,7 @@ class ImageComboBox { else $numicons = sizeof($this->values); $str = $indent . "
\n"; - $str .= $indent . "
".$this->label."
\n"; + $str .= $indent . "
".xmlenc($this->label)."
\n"; $str .= $indent . "
\n"; $str .= $indent . "