diff options
| author | Andy Staudacher <andy.st@gmail.com> | 2009-08-29 11:48:55 -0700 | 
|---|---|---|
| committer | Andy Staudacher <andy.st@gmail.com> | 2009-08-29 11:48:55 -0700 | 
| commit | 7adb9ea2e3a42e1c5472024a1699912ae26eacb3 (patch) | |
| tree | 9e435bc853ca0a16e0aec4de38140c3fa10d095a /modules/gallery/libraries | |
| parent | 1d633457c4482ab96bf936e9951ded2d5ebc8c74 (diff) | |
Adding SafeString::for_html_attr()
Diffstat (limited to 'modules/gallery/libraries')
| -rw-r--r-- | modules/gallery/libraries/SafeString.php | 19 | 
1 files changed, 19 insertions, 0 deletions
| diff --git a/modules/gallery/libraries/SafeString.php b/modules/gallery/libraries/SafeString.php index 53bcb27a..709ab5f6 100644 --- a/modules/gallery/libraries/SafeString.php +++ b/modules/gallery/libraries/SafeString.php @@ -90,6 +90,25 @@ class SafeString_Core {    }    /** +   * Safe for use in HTML element attributes. +   * +   * Assumes that the HTML element attribute is already +   * delimited by single or double quotes +   * +   * Example:<pre> +   *     <a title="<?= $php_var->for_html_attr() ?>">; +   *   </script> +   * </pre> +   * @return the string escaped for use in HTML attributes. +   */ +  function for_html_attr() { +    $string = (string) $this->for_html(); +    return strtr($string, +		 array("'"=>"'", +		       '"'=>'"')); +  } + +  /**     * Safe for use HTML (purified HTML)     *     * Example:<pre> | 
