| | |
|---|
| | | $attr = array('src' => $attr); |
|---|
| | | } |
|---|
| | | return self::tag('img', $attr + array('alt' => ''), null, array_merge(self::$common_attrib, |
|---|
| | | array('src','alt','width','height','border','usemap','onclick'))); |
|---|
| | | array('src','alt','width','height','border','usemap','onclick'))); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | else { |
|---|
| | | $attrib_arr[] = $key . '="' . self::quote($value, true) . '"'; |
|---|
| | | $attrib_arr[] = $key . '="' . self::quote($value) . '"'; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | /** |
|---|
| | | * Replacing specials characters in html attribute value |
|---|
| | | * |
|---|
| | | * @param string $str Input string |
|---|
| | | * @param bool $validate Enables double quotation prevention |
|---|
| | | * @param string $str Input string |
|---|
| | | * |
|---|
| | | * @return string The quoted string |
|---|
| | | * @return string The quoted string |
|---|
| | | */ |
|---|
| | | public static function quote($str, $validate = false) |
|---|
| | | public static function quote($str) |
|---|
| | | { |
|---|
| | | $str = htmlspecialchars($str, ENT_COMPAT, RCMAIL_CHARSET); |
|---|
| | | |
|---|
| | | // avoid douple quotation of & |
|---|
| | | // @TODO: get rid of it |
|---|
| | | if ($validate) { |
|---|
| | | $str = preg_replace('/&([A-Za-z]{2,6}|#[0-9]{2,4});/', '&\\1;', $str); |
|---|
| | | } |
|---|
| | | |
|---|
| | | return $str; |
|---|
| | | return @htmlspecialchars($str, ENT_COMPAT, RCMAIL_CHARSET); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | protected $tagname = 'input'; |
|---|
| | | protected $type = 'text'; |
|---|
| | | protected $allowed = array( |
|---|
| | | 'type','name','value','size','tabindex', |
|---|
| | | 'type','name','value','size','tabindex','autocapitalize', |
|---|
| | | 'autocomplete','checked','onchange','onclick','disabled','readonly', |
|---|
| | | 'spellcheck','results','maxlength','src','multiple','placeholder', |
|---|
| | | ); |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (!empty($value) && empty($this->attrib['is_escaped'])) { |
|---|
| | | $value = self::quote($value, true); |
|---|
| | | $value = self::quote($value); |
|---|
| | | } |
|---|
| | | |
|---|
| | | return self::tag($this->tagname, $this->attrib, $value, |
|---|
| | |
|---|
| | | |
|---|
| | | $option_content = $option['text']; |
|---|
| | | if (empty($this->attrib['is_escaped'])) { |
|---|
| | | $option_content = self::quote($option_content, true); |
|---|
| | | $option_content = self::quote($option_content); |
|---|
| | | } |
|---|
| | | |
|---|
| | | $this->content .= self::tag('option', $attr, $option_content); |
|---|
| | |
|---|
| | | $cell->content = $cont; |
|---|
| | | |
|---|
| | | $this->rows[$this->rowindex]->cells[$this->colindex] = $cell; |
|---|
| | | $this->colindex++; |
|---|
| | | $this->colindex += max(1, intval($attr['colspan'])); |
|---|
| | | |
|---|
| | | if ($this->attrib['cols'] && $this->colindex == $this->attrib['cols']) { |
|---|
| | | if ($this->attrib['cols'] && $this->colindex >= $this->attrib['cols']) { |
|---|
| | | $this->add_row(); |
|---|
| | | } |
|---|
| | | } |
|---|
