[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] CVS: etemplate/inc class.html.inc.php,1.21,1.22
From: |
Ralf Becker <address@hidden> |
Subject: |
[Phpgroupware-cvs] CVS: etemplate/inc class.html.inc.php,1.21,1.22 |
Date: |
Sun, 06 Jul 2003 07:01:19 -0400 |
Update of /cvsroot/phpgroupware/etemplate/inc
In directory subversions:/tmp/cvs-serv17519/etemplate/inc
Modified Files:
class.html.inc.php
Log Message:
fixed handling of links with params containing '&', replaced htmlentities with
htmlspecialchars
Index: class.html.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/etemplate/inc/class.html.inc.php,v
retrieving revision 1.21
retrieving revision 1.22
diff -C2 -r1.21 -r1.22
*** class.html.inc.php 26 Jun 2003 19:15:20 -0000 1.21
--- class.html.inc.php 6 Jul 2003 11:01:16 -0000 1.22
***************
*** 48,54 ****
$arr = array('no','yes');
}
! if (0+$multiple > 0)
{
! $options .= ' MULTIPLE SIZE="'.(0+$multiple).'"';
if (substr($name,-2) != '[]')
{
--- 48,54 ----
$arr = array('no','yes');
}
! if (intval($multiple) > 0)
{
! $options .= ' MULTIPLE SIZE="'.intval($multiple).'"';
if (substr($name,-2) != '[]')
{
***************
*** 62,68 ****
$key = implode(',',$key);
}
! while (list($k,$text) = each($arr))
{
$out .= '<option value="'.htmlspecialchars($k).'"';
if("$k" == "$key" || strstr(",$key,",",$k,"))
{
--- 62,69 ----
$key = implode(',',$key);
}
! foreach($arr as $k => $text)
{
$out .= '<option value="'.htmlspecialchars($k).'"';
+
if("$k" == "$key" || strstr(",$key,",",$k,"))
{
***************
*** 87,93 ****
$vars = array( $vars => $value );
}
! while (list($name,$value) = each($vars))
{
! if (is_array($value)) $value = serialize($value);
if (!$ignore_empty || $value && !($name == 'filter' &&
$value == 'none')) // dont need to send all the empty vars
{
--- 88,97 ----
$vars = array( $vars => $value );
}
! foreach($vars as $name => $value)
{
! if (is_array($value))
! {
! $value = serialize($value);
! }
if (!$ignore_empty || $value && !($name == 'filter' &&
$value == 'none')) // dont need to send all the empty vars
{
***************
*** 105,110 ****
function input($name,$value='',$type='',$options='' )
{
! if ($type) $type = 'TYPE="'.$type.'"';
!
return "<INPUT $type NAME=\"$name\"
VALUE=\"".htmlspecialchars($value)."\" $options>\n";
}
--- 109,116 ----
function input($name,$value='',$type='',$options='' )
{
! if ($type)
! {
! $type = 'TYPE="'.$type.'"';
! }
return "<INPUT $type NAME=\"$name\"
VALUE=\"".htmlspecialchars($value)."\" $options>\n";
}
***************
*** 114,118 ****
if ($image != '')
{
! if (strpos($image,'.')) $image =
substr($image,0,strpos($image,'.'));
if (!($path =
$GLOBALS['phpgw']->common->image($app,$image)) &&
!($path =
$GLOBALS['phpgw']->common->image('phpgwapi',$image)))
--- 120,127 ----
if ($image != '')
{
! if (strpos($image,'.'))
! {
! $image = substr($image,0,strpos($image,'.'));
! }
if (!($path =
$GLOBALS['phpgw']->common->image($app,$image)) &&
!($path =
$GLOBALS['phpgw']->common->image('phpgwapi',$image)))
***************
*** 160,180 ****
function link($url,$vars='')
{
! if (is_array( $vars ))
{
! $v = array( );
! while(list($name,$value) = each($vars))
! {
! if ($value && !($name == 'filter' && $value ==
'none')) // dont need to send all the empty vars
! {
! $v[] = "$name=$value";
! }
! }
! $vars = implode('&',$v);
}
list($url,$v) = explode('?',$url); // url may contain
additional vars
- if ($url == '') $url = '/index.php';
if ($v)
! $vars .= ($vars ? '&' : '') . $v;
!
return $GLOBALS['phpgw']->link($url,$vars);
}
--- 169,181 ----
function link($url,$vars='')
{
! if (!is_array($vars))
{
! $vars = explode('&',$vars);
}
list($url,$v) = explode('?',$url); // url may contain
additional vars
if ($v)
! {
! $vars += explode('&',$v);
! }
return $GLOBALS['phpgw']->link($url,$vars);
}
***************
*** 190,194 ****
$html .= $this->input_hidden($hidden_vars);
! if ($content) {
$html .= $content;
$html .= "</form>\n";
--- 191,196 ----
$html .= $this->input_hidden($hidden_vars);
! if ($content)
! {
$html .= $content;
$html .= "</form>\n";
***************
*** 197,205 ****
}
! function form_1button($name,$lang,$hidden_vars,$url,$url_vars='',
!
$form_name='',$method='POST')
{
return $this->form($this->submit_button($name,$lang),
!
$hidden_vars,$url,$url_vars,$form_name,'',$method);
}
--- 199,206 ----
}
! function
form_1button($name,$lang,$hidden_vars,$url,$url_vars='',$form_name='',$method='POST')
{
return $this->form($this->submit_button($name,$lang),
! $hidden_vars,$url,$url_vars,$form_name,'',$method);
}
***************
*** 220,243 ****
$html = $no_table_tr ? '' : "<TABLE $options>\n";
! while (list($key,$row) = each($rows)) {
if (!is_array($row))
continue;
// parameter
$html .= $no_table_tr && $key == 1 ? '' : "\t<TR
".$rows['.'.$key].">\n";
! while (list($key,$cell) = each($row)) {
if ($key[0] == '.')
continue;
// parameter
$table_pos = strpos($cell,'<TABLE');
$td_pos = strpos($cell,'<TD');
if ($td_pos !== False && ($table_pos === False
|| $td_pos < $table_pos))
$html .= $cell;
else
$html .= "\t\t<TD
".$row['.'.$key].">$cell</TD>\n";
}
$html .= "\t</TR>\n";
}
$html .= "</TABLE>\n";
if ($no_table_tr)
$html = substr($html,0,-16);
!
return $html;
}
--- 221,257 ----
$html = $no_table_tr ? '' : "<TABLE $options>\n";
! foreach($rows as $key => $row)
! {
if (!is_array($row))
+ {
continue;
// parameter
+ }
$html .= $no_table_tr && $key == 1 ? '' : "\t<TR
".$rows['.'.$key].">\n";
!
! foreach($row as $key => $cell)
! {
if ($key[0] == '.')
+ {
continue;
// parameter
+ }
$table_pos = strpos($cell,'<TABLE');
$td_pos = strpos($cell,'<TD');
if ($td_pos !== False && ($table_pos === False
|| $td_pos < $table_pos))
+ {
$html .= $cell;
+ }
else
+ {
$html .= "\t\t<TD
".$row['.'.$key].">$cell</TD>\n";
+ }
}
$html .= "\t</TR>\n";
}
$html .= "</TABLE>\n";
+
if ($no_table_tr)
+ {
$html = substr($html,0,-16);
! }
return $html;
}
***************
*** 270,274 ****
if ($title)
{
! $options .= "
$this->prefered_img_title=\"".htmlentities($title).'"';
}
return "<IMG SRC=\"$path\" $options>";
--- 284,288 ----
if ($title)
{
! $options .= "
$this->prefered_img_title=\"".htmlspecialchars($title).'"';
}
return "<IMG SRC=\"$path\" $options>";
***************
*** 278,283 ****
{
if (!strstr($url,'/') && count(explode('.',$url)) == 3)
$url = "/index.php?menuaction=$url";
!
if (is_array($url))
{
--- 292,298 ----
{
if (!strstr($url,'/') && count(explode('.',$url)) == 3)
+ {
$url = "/index.php?menuaction=$url";
! }
if (is_array($url))
{
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] CVS: etemplate/inc class.html.inc.php,1.21,1.22,
Ralf Becker <address@hidden> <=
- Prev by Date:
[Phpgroupware-cvs] CVS: phpgroupware/doc/rpm-build build-phpgw-rpms,NONE,1.1.4.1 phpgroupware-rh-allapp.spec,NONE,1.1.2.1phpgroupware-rh.spec,NONE,1.1.2.1
- Next by Date:
[Phpgroupware-cvs] CVS: etemplate/inc class.uietemplate.inc.php,1.60,1.61
- Previous by thread:
[Phpgroupware-cvs] CVS: phpgroupware/doc/rpm-build build-phpgw-rpms,NONE,1.1.4.1 phpgroupware-rh-allapp.spec,NONE,1.1.2.1phpgroupware-rh.spec,NONE,1.1.2.1
- Next by thread:
[Phpgroupware-cvs] CVS: etemplate/inc class.uietemplate.inc.php,1.60,1.61
- Index(es):