break;
default:
echo " <D:$prop[name]>"
- . $this->_prop_encode(htmlspecialchars($prop['val']))
+ . $this->_prop_encode(htmlspecialchars($prop['val'], ENT_COMPAT | ENT_HTML401, "ISO-8859-1"))
. "</D:$prop[name]>\n";
break;
}
// properties from namespaces != "DAV:" or without any namespace
if ($prop["ns"]) {
echo " <" . $ns_hash[$prop["ns"]] . ":$prop[name]>"
- . $this->_prop_encode(htmlspecialchars($prop['val']))
+ . $this->_prop_encode(htmlspecialchars($prop['val'], ENT_COMPAT | ENT_HTML401, "ISO-8859-1"))
. "</" . $ns_hash[$prop["ns"]] . ":$prop[name]>\n";
} else {
echo " <$prop[name] xmlns=\"\">"
- . $this->_prop_encode(htmlspecialchars($prop['val']))
+ . $this->_prop_encode(htmlspecialchars($prop['val'], ENT_COMPAT | ENT_HTML401, "ISO-8859-1"))
. "</$prop[name]>\n";
}
}
if ($responsedescr) {
echo " <D:responsedescription>".
- $this->_prop_encode(htmlspecialchars($responsedescr)).
+ $this->_prop_encode(htmlspecialchars($responsedescr, ENT_COMPAT | ENT_HTML401, "ISO-8859-1")).
"</D:responsedescription>\n";
}
$id = 0;
}
- $prefix = htmlspecialchars($this->getConf('id_prefix'));
+ $prefix = htmlspecialchars($this->getConf('id_prefix'), ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$start = $this->wiki->addToken(
$this->rule,
return $start . $matches[2] . $end . "\n";
}
}
-?>
\ No newline at end of file
+?>
// convert *after* checking against page names so as not to mess
// up what the user typed and what we're checking.
- $page = htmlspecialchars($page);
- $anchor = htmlspecialchars($anchor);
- $text = htmlspecialchars($text);
+ $page = htmlspecialchars($page, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
+ $anchor = htmlspecialchars($anchor, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
+ $text = htmlspecialchars($text, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$href = $this->getConf('view_url');
return "$text\\footnote\{$href}";
}
}
-?>
\ No newline at end of file
+?>
// build the baseline output
$output = $this->conf['format_main'];
- $output = str_replace('%access', htmlspecialchars($access), $output);
- $output = str_replace('%return', htmlspecialchars($return), $output);
- $output = str_replace('%name', htmlspecialchars($name), $output);
+ $output = str_replace('%access', htmlspecialchars($access, ENT_COMPAT | ENT_HTML401, "ISO-8859-1"), $output);
+ $output = str_replace('%return', htmlspecialchars($return, ENT_COMPAT | ENT_HTML401, "ISO-8859-1"), $output);
+ $output = str_replace('%name', htmlspecialchars($name, ENT_COMPAT | ENT_HTML401, "ISO-8859-1"), $output);
// build the set of params
$list = array();
}
// add the param elements
- $tmp = str_replace('%type', htmlspecialchars($val['type']), $tmp);
- $tmp = str_replace('%descr', htmlspecialchars($val['descr']), $tmp);
- $tmp = str_replace('%default', htmlspecialchars($val['default']), $tmp);
+ $tmp = str_replace('%type', htmlspecialchars($val['type'], ENT_COMPAT | ENT_HTML401, "ISO-8859-1"), $tmp);
+ $tmp = str_replace('%descr', htmlspecialchars($val['descr'], ENT_COMPAT | ENT_HTML401, "ISO-8859-1"), $tmp);
+ $tmp = str_replace('%default', htmlspecialchars($val['default'], ENT_COMPAT | ENT_HTML401, "ISO-8859-1"), $tmp);
$list[] = $tmp;
}
$list = array();
foreach ($throws as $key => $val) {
$tmp = $this->conf['format_throws'];
- $tmp = str_replace('%type', htmlspecialchars($val['type']), $tmp);
- $tmp = str_replace('%descr', htmlspecialchars($val['descr']), $tmp);
+ $tmp = str_replace('%type', htmlspecialchars($val['type'], ENT_COMPAT | ENT_HTML401, "ISO-8859-1"), $tmp);
+ $tmp = str_replace('%descr', htmlspecialchars($val['descr'], ENT_COMPAT | ENT_HTML401, "ISO-8859-1"), $tmp);
$list[] = $tmp;
}
return "\n$output\n\n";
}
}
-?>
\ No newline at end of file
+?>
}
// start the HTML output
- $output = '<img src="' . htmlspecialchars($src) . '"';
+ $output = '<img src="' . htmlspecialchars($src, ENT_COMPAT | ENT_HTML401, "ISO-8859-1") . '"';
// get the CSS class but don't add it yet
$css = $this->formatConf(' class="%s"', 'css');
$css = null;
}
- $key = htmlspecialchars($key);
- $val = htmlspecialchars($val);
+ $key = htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
+ $val = htmlspecialchars($val, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$output .= " $key=\"$val\"";
}
// always add an "alt" attribute per Stephane Solliec
if (! $alt) {
- $alt = htmlspecialchars(basename($options['src']));
+ $alt = htmlspecialchars(basename($options['src']), ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$output .= " alt=\"$alt\"";
}
// was the image clickable?
if ($href) {
// yes, add the href and return
- $href = htmlspecialchars($href);
+ $href = htmlspecialchars($href, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$css = $this->formatConf(' class="%s"', 'css_link');
$output = "<a$css href=\"$href\">$output</a>";
}
return $output;
}
}
-?>
\ No newline at end of file
+?>
$target = $this->getConf('target');
// build base link
- $text = htmlspecialchars($text);
+ $text = htmlspecialchars($text, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$output = "<a$css href=\"$href\"";
// are we targeting a specific window?
// this is XHTML compliant, suggested by Aaron Kalin.
// code tip is actually from youngpup.net, and it
// uses the $target as the new window name.
- $target = htmlspecialchars($target);
+ $target = htmlspecialchars($target, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$output .= " onClick=\"window.open(this.href, '$target');";
$output .= " return false;\"";
}
return $output;
}
}
-?>
\ No newline at end of file
+?>
if ($target) {
// use a "popup" window. this is XHTML compliant, suggested by
// Aaron Kalin. uses the $target as the new window name.
- $target = htmlspecialchars($target);
+ $target = htmlspecialchars($target, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$output .= " onclick=\"window.open(this.href, '$target');";
$output .= " return false;\"";
}
$q = $text;
}
- $q = htmlspecialchars($q);
- $text = htmlspecialchars($text);
+ $q = htmlspecialchars($q, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
+ $text = htmlspecialchars($text, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
// finish and return
$output .= " href=\"http://php.net/$q\">$text</a>";
return $output;
}
}
-?>
\ No newline at end of file
+?>
// extension.
$pos = strrpos($href, '.');
$ext = strtolower(substr($href, $pos + 1));
- $href = htmlspecialchars($href);
+ $href = htmlspecialchars($href, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
// does the filename extension indicate an image file?
if ($this->getConf('images') &&
// create alt text for the image
if (! isset($text) || $text == '') {
$text = basename($href);
- $text = htmlspecialchars($text);
+ $text = htmlspecialchars($text, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
}
// generate an image tag
}
// generate a regular link (not an image)
- $text = htmlspecialchars($text);
+ $text = htmlspecialchars($text, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$css = $this->formatConf(' class="%s"', "css_$type");
$output = "<a$css href=\"$href\"";
if ($target) {
// use a "popup" window. this is XHTML compliant, suggested by
// Aaron Kalin. uses the $target as the new window name.
- $target = htmlspecialchars($target);
+ $target = htmlspecialchars($target, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
$output .= " onclick=\"window.open(this.href, '$target');";
$output .= " return false;\"";
}
return $output;
}
}
-?>
\ No newline at end of file
+?>
// convert *after* checking against page names so as not to mess
// up what the user typed and what we're checking.
- $page = htmlspecialchars($page);
- $anchor = htmlspecialchars($anchor);
- $text = htmlspecialchars($text);
+ $page = htmlspecialchars($page, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
+ $anchor = htmlspecialchars($anchor, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
+ $text = htmlspecialchars($text, ENT_COMPAT | ENT_HTML401, "ISO-8859-1");
// does the page exist?
if ($exists) {
return $output;
}
}
-?>
\ No newline at end of file
+?>
$page->assign('file',$file);
$page->assign('source',__("File source"));
$page->assign('msg_log',__("log message"));
-$page->assign('file_content',htmlspecialchars(file_get_contents($myfile), ENT_NOQUOTES));
+$page->assign('file_content',htmlspecialchars(file_get_contents($myfile), ENT_COMPAT | ENT_HTML401, "ISO-8859-1"));
$page->assign('submit',__("Submit"));
// menu for stylesheet replacement
$subset = str_replace('\'\'', '\'', str_replace('\\\\', '\\', $subset));
$html_out .= "<option value=\"$subset\""
. ((isset($vset[$subset]) && $vset[$subset]) ? " selected=\"selected\"" : "")
- . ">".(isset($trans) ? $trans[$subset] : htmlspecialchars($subset))."</option>\n";
+ . ">".(isset($trans) ? $trans[$subset] : htmlspecialchars($subset, ENT_COMPAT | ENT_HTML401, "ISO-8859-1"))."</option>\n";
}
// if we have a name, display closing select tag
projects / diogenes.git / commitdiff