+//FIXME: all the values in the $aAttribs list and $sName and both the keys and values in $aValues used to go thru htmlspecialchars()... I would propose that most everything that is assigned to the template should go thru that *in the template class* on its way between here and the actual template file. Otherwise we have to do something like: foreach ($aAttribs as $key => $value) $aAttribs[$key] = htmlspecialchars($value); $sName = htmlspecialchars($sName); $aNewValues = array(); foreach ($aValues as $key => $value) $aNewValues[htmlspecialchars($key)] = htmlspecialchars($value); $aValues = $aNewValues; And probably this too because it has to be matched to a value that has already been sanitized: $default = htmlspecialchars($default);
+ $oTemplate->assign('aAttribs', $aAttribs);
+ $oTemplate->assign('aValues', $aValues);
+ $oTemplate->assign('bUsekeys', $bUsekeys);
+ $oTemplate->assign('default', $default);
+ $oTemplate->assign('name', $sName);
+
+ return $oTemplate->fetch('select.tpl');
+}
+
+/**
+ * Normal button
+ *
+ * Note the switched value/name parameters!
+ * Note also that regular buttons are not very useful unless
+ * used with onclick handlers, thus are only really appropriate
+ * if you use them after having checked if JavaScript is turned
+ * on by doing this: if (checkForJavascript()) ...
+ *
+ * @param string $sValue button name
+ * @param string $sName key name
+ * @param array $aAttribs extra attributes
+ *
+ * @return string html formated submit input field
+ *
+ * @since 1.5.2
+ */
+function addButton($sValue, $sName = null, $aAttribs=array()) {
+ $aAttribs['value'] = $sValue;
+ if (! is_null($sName)) $aAttribs['name'] = $sName;
+ // add default css
+ if (! isset($aAttribs['class'])) $aAttribs['class'] = 'sqmsubmitfield';
+ return addInputField('button', $aAttribs);