includes/wikiengine/Tables.php
changeset 449 b8fd21190ae1
parent 446 27f5ac58992c
child 458 c433348f3628
445:62e1a6f3de84 449:b8fd21190ae1
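--- a/includes/wikiengine/Tables.php
+++ b/includes/wikiengine/Tables.php
@@ -278,15 +278,28 @@
 	 */
 	function encodeAttribute( $text ) {
     
     // In Enano 1.0.3, added this cheapo hack to keep ampersands
     // from being double-sanitized. Thanks to markybob from #deluge.
+    
+    // htmlspecialchars() the "manual" way
     $encValue = strtr( $text, array(
-      '&' => '&'
+      '&'  => '&',
+      '"' => '"',
+      '&lt;'   => '<',
+      '&gt;'   => '>',
+      '&#039;' => "'"
     ) );
     
-		$encValue = htmlspecialchars( $text );
+    $encValue = strtr( $text, array(
+      '&' => '&amp;',
+      '"' => '&quot;',
+      '<' => '&lt;',
+      '>' => '&gt;',
+      "'" => '&#039;'
+    ) );
+    
 		
 		// Whitespace is normalized during attribute decoding,
 		// so if we've been passed non-spaces we must encode them
 		// ahead of time or they won't be preserved.
 		$encValue = strtr( $encValue, array(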
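Review bot: The encoding `strtr()` added at new line 293 still takes `$text`, so the decoded `$encValue` built by the first `strtr()` (new lines 285-291) is overwritten unused and input that already contains `&amp;` is still encoded a second time; the call should read `$encValue = strtr( $encValue, array(`. The removed `htmlspecialchars( $text )` had the same overwrite, so the commit carries the defect forward rather than introducing it. The hand-written map also escapes `'`, which the old default call did not do on PHP versions before 8.1; `htmlspecialchars( $encValue, ENT_QUOTES )` gives the same mapping in one call, and a comment should say that single-quoted attribute values depend on it. The first map's keys appear partly entity-decoded in this rendering (`'&' => '&'`), so they should be checked against the repository, and `encodeAttribute()` continues past the end of the hunk.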