commit 01d4d30c036b121aa34535ab8617528d2c49d735 parent 31a81bf70ffa842fcf6bb08b8912c3bf8797cdb8 Author: dankert <devnull@localhost> Date: Sat, 27 Mar 2010 00:47:04 +0100 HTML-Sonderzeichen im Eingabefeld maskieren. Diffstat:
| themes/default/include/html/input.inc.php | | | 12 | ++++++++---- |
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/themes/default/include/html/input.inc.php b/themes/default/include/html/input.inc.php @@ -1,9 +1,13 @@ <?php if ($this->isEditable() && !$this->isEditMode()) $attr_readonly=true; if ($attr_readonly && empty($$attr_name)) $$attr_name = '- '.lang('EMPTY').' -'; if(!isset($attr_default)) $attr_default=''; +// $tmp_value = htmlentities(isset($$attr_name)?$$attr_name:$attr_default,ENT_COMPAT,'UTF-8'); + $tmp_value = Text::encodeHtml(isset($$attr_name)?$$attr_name:$attr_default); ?><?php if (!$attr_readonly || $attr_type=='hidden') { -?><input<?php if ($attr_readonly) echo ' disabled="true"' ?> id="id_<?php echo $attr_name ?><?php if ($attr_readonly) echo '_disabled' ?>" name="<?php echo $attr_name ?><?php if ($attr_readonly) echo '_disabled' ?>" type="<?php echo $attr_type ?>" size="<?php echo $attr_size ?>" maxlength="<?php echo $attr_maxlength ?>" class="<?php echo $attr_class ?>" value="<?php echo isset($$attr_name)?$$attr_name:$attr_default ?>" <?php if (in_array($attr_name,$errors)) echo 'style="border-rightx:10px solid red; background-colorx:yellow; border:2px dashed red;"' ?> /><?php + /* Feld editieren */ +?><input<?php if ($attr_readonly) echo ' disabled="true"' ?> id="id_<?php echo $attr_name ?><?php if ($attr_readonly) echo '_disabled' ?>" name="<?php echo $attr_name ?><?php if ($attr_readonly) echo '_disabled' ?>" type="<?php echo $attr_type ?>" size="<?php echo $attr_size ?>" maxlength="<?php echo $attr_maxlength ?>" class="<?php echo $attr_class ?>" value="<?php echo $tmp_value ?>" <?php if (in_array($attr_name,$errors)) echo 'style="border:2px dashed red;"' ?> /><?php if ($attr_readonly) { -?><input type="hidden" id="id_<?php echo $attr_name ?>" name="<?php echo $attr_name ?>" value="<?php echo isset($$attr_name)?$$attr_name:$attr_default ?>" /><?php - } } else { ?><span class="<?php echo $attr_class ?>"><?php echo isset($$attr_name)?$$attr_name:$attr_default ?></span><?php } ?>- \ No newline at end of file + /* Nur anzeigen */ +?><input type="hidden" id="id_<?php echo $attr_name ?>" name="<?php echo $attr_name ?>" value="<?php echo $tmp_value ?>" /><?php + } } else { ?><span class="<?php echo $attr_class ?>"><?php echo $tmp_value ?></span><?php } ?>+ \ No newline at end of file