From 7adb9ea2e3a42e1c5472024a1699912ae26eacb3 Mon Sep 17 00:00:00 2001
From: Andy Staudacher <andy.st@gmail.com>
Date: Sat, 29 Aug 2009 11:48:55 -0700
Subject: Adding SafeString::for_html_attr()

---
 modules/gallery/libraries/SafeString.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'modules/gallery/libraries/SafeString.php')

diff --git a/modules/gallery/libraries/SafeString.php b/modules/gallery/libraries/SafeString.php
index 53bcb27a..709ab5f6 100644
--- a/modules/gallery/libraries/SafeString.php
+++ b/modules/gallery/libraries/SafeString.php
@@ -89,6 +89,25 @@ class SafeString_Core {
     return self::_escape_for_js($this->_raw_string);
   }
 
+  /**
+   * Safe for use in HTML element attributes.
+   *
+   * Assumes that the HTML element attribute is already
+   * delimited by single or double quotes
+   *
+   * Example:<pre>
+   *     <a title="<?= $php_var->for_html_attr() ?>">;
+   *   </script>
+   * </pre>
+   * @return the string escaped for use in HTML attributes.
+   */
+  function for_html_attr() {
+    $string = (string) $this->for_html();
+    return strtr($string,
+		 array("'"=>"&#039;",
+		       '"'=>'&quot;'));
+  }
+
   /**
    * Safe for use HTML (purified HTML)
    *
-- 
cgit v1.2.3