<?php
+
/**
* forms.php - html form functions
*
- * Copyright (c) 2004-2005 The SquirrelMail Project Team
- * Licensed under the GNU GPL. For full terms see the file COPYING.
- *
* Functions to build HTML forms in a safe and consistent manner.
* All attribute values are sanitized with htmlspecialchars().
*
* @link http://www.section508.gov/ Section 508
* @link http://www.w3.org/WAI/ Web Accessibility Initiative (WAI)
* @link http://www.w3.org/TR/html4/ W3.org HTML 4.01 form specs
+ * @copyright © 2004-2006 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
* @subpackage forms
$sAttribs = '';
// define unique identifier
if (! isset($aAttribs['id']) && isset($aAttribs['name']) && ! is_null($aAttribs['name'])) {
- $aAttribs['id'] = $aAttribs['name'];
+ /**
+ * if 'id' is not set, set it to 'name' and replace brackets
+ * with underscores. 'name' might contain field name with squire
+ * brackets (array). Brackets are not allowed in id (validator.w3.org
+ * fails to validate document). According to html 4.01 manual cdata
+ * type description, 'name' attribute uses same type, but validator.w3.org
+ * does not barf on brackets in 'name' attributes.
+ */
+ $aAttribs['id'] = strtr($aAttribs['name'],'[]','__');
}
// create attribute string (do we have to sanitize keys?)
foreach ($aAttribs as $key => $value) {
$sEnctype . $sName . $sCharset . $sAttribs . ">\n";
}
-?>
+?>
\ No newline at end of file
projects / squirrelmail.git / blobdiff