From bc0fe54235ae4f5cd4a74be91beb1f9953eb7b03 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Fri, 18 Jul 2008 10:10:59 -0400
Subject: [PATCH] #1485213: fixed $allowed array for inputfield

---
 program/include/html.php |   43 ++++++++++++++++++++++++-------------------
 1 files changed, 24 insertions(+), 19 deletions(-)

diff --git a/program/include/html.php b/program/include/html.php
index 8af1b1f..68bc66b 100644
--- a/program/include/html.php
+++ b/program/include/html.php
@@ -29,10 +29,10 @@
 {
     protected $tagname;
     protected $attrib = array();
-    protected $allowed;
+    protected $allowed = array();
     protected $content;
 
-    protected static $common_attrib = array('id','class','style','title','align');
+    public static $common_attrib = array('id','class','style','title','align');
     public static $containers = array('div','span','p','h1','h2','h3','form','textarea');
     public static $lc_tags = true;
 
@@ -55,7 +55,7 @@
      */
     public function show()
     {
-        return self::tag($this->tagname, $this->attrib, $this->content, $this->allowed);
+        return self::tag($this->tagname, $this->attrib, $this->content, array_merge(self::$common_attrib, $this->allowed));
     }
 
     /****** STATIC METHODS *******/
@@ -248,6 +248,7 @@
 {
     protected $tagname = 'input';
     protected $type = 'text';
+    protected $allowed = array('type','name','value','size','tabindex','autocomplete','checked','onchange','onclick');
 
     public function __construct($attrib = array())
     {
@@ -371,7 +372,7 @@
         }
 
         // set value attribute
-        $this->attrib['checked'] = ($value && (string)$value == (string)$this->attrib['value']);
+        $this->attrib['checked'] = ((string)$value == (string)$this->attrib['value']);
 
         return parent::show();
     }
@@ -401,7 +402,7 @@
         }
 
         // set value attribute
-        $this->attrib['checked'] = ($value && (string)$value == (string)$this->attrib['value']);
+        $this->attrib['checked'] = ((string)$value == (string)$this->attrib['value']);
 
         return parent::show();
     }
@@ -415,7 +416,7 @@
 class html_textarea extends html
 {
     protected $tagname = 'textarea';
-    protected $allowed_attrib = array('name','rows','cols','wrap');
+    protected $allowed = array('name','rows','cols','wrap','tabindex','onchange');
 
     /**
      * Get HTML code for this object
@@ -432,7 +433,7 @@
         }
 
         // take value attribute as content
-        if ($value == '') {
+        if (empty($value) && !empty($this->attrib['value'])) {
             $value = $this->attrib['value'];
         }
 
@@ -441,10 +442,11 @@
             unset($this->attrib['value']);
         }
 
-        if (!empty($value) && !isset($this->attrib['mce_editable'])) {
-            $value = Q($value, 'strict', FALSE);
+        if (!empty($value) && !ereg('mce_editor', $this->attrib['class'])) {
+            $value = Q($value, 'strict', false);
         }
-        return self::tag($this->tagname, $this->attrib, Q($value), array_merge(self::$common_attrib, $this->allowed_attrib));
+
+        return self::tag($this->tagname, $this->attrib, $value, array_merge(self::$common_attrib, $this->allowed));
     }
 }
 
@@ -471,6 +473,7 @@
 {
     protected $tagname = 'select';
     protected $options = array();
+    protected $allowed = array('name','size','tabindex','autocomplete','multiple','onchange');
     
     /**
      * Add a new option to this drop-down
@@ -510,8 +513,8 @@
         foreach ($this->options as $option) {
             $attr = array(
                 'value' => $option['value'],
-                'selected' => ((!empty($option['value']) && in_array($option['value'], $select, true)) ||
-            (in_array($option['text'], $select, TRUE))) ? 1 : null);
+                'selected' => (in_array($option['value'], $select, true) ||
+                  in_array($option['text'], $select, true)) ? 1 : null);
 
             $this->content .= self::tag('option', $attr, Q($option['text']));
         }
@@ -570,7 +573,7 @@
      * @param array Cell attributes
      * @param string Cell content
      */
-    private function add_header($attr, $cont)
+    public function add_header($attr, $cont)
     {
         if (is_string($attr))
         $attr = array('class' => $attr);
@@ -586,7 +589,7 @@
      *
      * @param array Row attributes
      */
-    private function add_row($attr = array())
+    public function add_row($attr = array())
     {
         $this->rowindex++;
         $this->colindex = 0;
@@ -602,16 +605,18 @@
      * @param array Table attributes
      * @return string The final table HTML code
      */
-    public function show($attr = array())
+    public function show($attrib = null)
     {
-        $this->attrib = array_merge($this->attrib, $attr);
-        $thead = $tbody = "";
+	if (is_array($attrib))
+    	    $this->attrib = array_merge($this->attrib, $attrib);
+        
+	$thead = $tbody = "";
 
         // include <thead>
         if (!empty($this->header)) {
             $rowcontent = '';
             foreach ($this->header as $c => $col) {
-                $rowcontent .= self::tag('th', $col->attrib, $col->content);
+                $rowcontent .= self::tag('td', $col->attrib, $col->content);
             }
             $thead = self::tag('thead', null, self::tag('tr', null, $rowcontent));
         }
@@ -623,7 +628,7 @@
             }
 
             if ($r < $this->rowindex || count($row->cells)) {
-                $tbody .= self::tag('tr', $rows->attrib, $rowcontent);
+                $tbody .= self::tag('tr', $row->attrib, $rowcontent);
             }
         }
 

--
Gitblit v1.9.1