/**
* forms.php
*
- * Copyright (c) 2004 The SquirrelMail Project Team
+ * Copyright (c) 2004-2005 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* Functions to build HTML forms in a safe and consistent manner.
* All name, value attributes are htmlentitied.
*
- * $Id$
+ * @version $Id$
* @package squirrelmail
+ * @subpackage forms
*/
/**
*/
function addInputField($type, $name = null, $value = null, $attributes = '') {
return '<input type="'.$type.'"'.
- ($name !== null ? ' name="'.htmlentities($name).'"' : '').
- ($value !== null ? ' value="'.htmlentities($value).'"' : '').
- $attributes . ">\n";
+ ($name !== null ? ' name="'.htmlspecialchars($name).'"' : '').
+ ($value !== null ? ' value="'.htmlspecialchars($value).'"' : '').
+ $attributes . " />\n";
}
/**
* Password input field
*/
-function addPwField($name) {
- return addInputField('password', $name);
+function addPwField($name , $value = null) {
+ return addInputField('password', $name , $value);
}
/**
* Form checkbox
*/
-function addCheckBox($name, $checked = false, $value='') {
+function addCheckBox($name, $checked = false, $value = null) {
return addInputField('checkbox', $name, $value,
- ($checked ? ' checked' : ''));
+ ($checked ? ' checked="checked"' : ''));
}
/**
* Form radio box
*/
-function addRadioBox($name, $checked = false, $value='') {
- return addInputField('radio', $name, $value,
- ($checked ? ' checked' : ''));
+function addRadioBox($name, $checked = false, $value = null) {
+ return addInputField('radio', $name, $value,
+ ($checked ? ' checked="checked"' : ''));
}
/**
* Function to create a selectlist from an array.
* Usage:
* name: html name attribute
- * values: array ( key => value ) -> <option value="key">value
+ * values: array ( key => value ) -> <option value="key">value</option>
* default: the key that will be selected
* usekeys: use the keys of the array as option value or not
*/
if(count($values) == 1) {
$k = key($values); $v = array_pop($values);
return addHidden($name, ($usekeys ? $k:$v)).
- htmlentities($v) . "\n";
+ htmlspecialchars($v) . "\n";
}
- $ret = '<select name="'.htmlentities($name) . "\">\n";
+ $ret = '<select name="'.htmlspecialchars($name) . "\">\n";
foreach ($values as $k => $v) {
if(!$usekeys) $k = $v;
$ret .= '<option value="' .
- htmlentities( $k ) . '"' .
- (($default == $k) ? ' selected':'') .
- '>' . htmlentities($v) ."</option>\n";
+ htmlspecialchars( $k ) . '"' .
+ (($default == $k) ? ' selected="selected"' : '') .
+ '>' . htmlspecialchars($v) ."</option>\n";
}
$ret .= "</select>\n";
* Textarea form element.
*/
function addTextArea($name, $text = '', $cols = 40, $rows = 10, $attr = '') {
- return '<textarea name="'.htmlentities($name).'" '.
- 'rows="'.(int)$rows .'" cols="'.(int)$cols.'"'.
- $attr . '">'.htmlentities($text) ."</textarea>\n";
+ return '<textarea name="'.htmlspecialchars($name).'" '.
+ 'rows="'.(int)$rows .'" cols="'.(int)$cols.'" '.
+ $attr . '>'.htmlspecialchars($text) ."</textarea>\n";
}
/**
* Make a <form> start-tag.
*/
-function addForm($action, $method = 'POST', $name = '', $enctype = '', $charset = '')
+function addForm($action, $method = 'post', $name = '', $enctype = '', $charset = '')
{
if($name) {
$name = ' name="'.$name.'"';
}
return '<form action="'. $action .'" method="'. $method .'"'.
- $enctype . $name . $charset . "\">\n";
+ $enctype . $name . $charset . ">\n";
}
-
+?>
\ No newline at end of file