equal
deleted
inserted
replaced
278 */ |
278 */ |
279 function encodeAttribute( $text ) { |
279 function encodeAttribute( $text ) { |
280 |
280 |
281 // In Enano 1.0.3, added this cheapo hack to keep ampersands |
281 // In Enano 1.0.3, added this cheapo hack to keep ampersands |
282 // from being double-sanitized. Thanks to markybob from #deluge. |
282 // from being double-sanitized. Thanks to markybob from #deluge. |
|
283 |
|
284 // htmlspecialchars() the "manual" way |
283 $encValue = strtr( $text, array( |
285 $encValue = strtr( $text, array( |
284 '&' => '&' |
286 '&' => '&', |
|
287 '"' => '"', |
|
288 '<' => '<', |
|
289 '>' => '>', |
|
290 ''' => "'" |
285 ) ); |
291 ) ); |
286 |
292 |
287 $encValue = htmlspecialchars( $text ); |
293 $encValue = strtr( $text, array( |
|
294 '&' => '&', |
|
295 '"' => '"', |
|
296 '<' => '<', |
|
297 '>' => '>', |
|
298 "'" => ''' |
|
299 ) ); |
|
300 |
288 |
301 |
289 // Whitespace is normalized during attribute decoding, |
302 // Whitespace is normalized during attribute decoding, |
290 // so if we've been passed non-spaces we must encode them |
303 // so if we've been passed non-spaces we must encode them |
291 // ahead of time or they won't be preserved. |
304 // ahead of time or they won't be preserved. |
292 $encValue = strtr( $encValue, array( |
305 $encValue = strtr( $encValue, array( |