diff options
| author | Andy Staudacher <andy.st@gmail.com> | 2009-08-29 11:48:55 -0700 |
|---|---|---|
| committer | Andy Staudacher <andy.st@gmail.com> | 2009-08-29 11:48:55 -0700 |
| commit | 7adb9ea2e3a42e1c5472024a1699912ae26eacb3 (patch) | |
| tree | 9e435bc853ca0a16e0aec4de38140c3fa10d095a /modules/gallery/libraries/SafeString.php | |
| parent | 1d633457c4482ab96bf936e9951ded2d5ebc8c74 (diff) | |
Adding SafeString::for_html_attr()
Diffstat (limited to 'modules/gallery/libraries/SafeString.php')
| -rw-r--r-- | modules/gallery/libraries/SafeString.php | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/modules/gallery/libraries/SafeString.php b/modules/gallery/libraries/SafeString.php index 53bcb27a..709ab5f6 100644 --- a/modules/gallery/libraries/SafeString.php +++ b/modules/gallery/libraries/SafeString.php @@ -90,6 +90,25 @@ class SafeString_Core { } /** + * Safe for use in HTML element attributes. + * + * Assumes that the HTML element attribute is already + * delimited by single or double quotes + * + * Example:<pre> + * <a title="<?= $php_var->for_html_attr() ?>">; + * </script> + * </pre> + * @return the string escaped for use in HTML attributes. + */ + function for_html_attr() { + $string = (string) $this->for_html(); + return strtr($string, + array("'"=>"'", + '"'=>'"')); + } + + /** * Safe for use HTML (purified HTML) * * Example:<pre> |