X-Git-Url: https://git-public.kairo.at/?p=php-utility-classes.git;a=blobdiff_plain;f=include%2Fcbsm%2Futil%2Fdocument.php-class;h=6a36dfc704987e24c8bb5ea5bb9b120cd12c0b03;hp=a10041a9dc6c2b2e9cfaeb02b5816978e694f680;hb=6e698a41c5017150623531a9f2d6ec3baceda9c2;hpb=645a7eb6de6a6b0ecdac1a9edb56fe18ce950829 diff --git a/include/cbsm/util/document.php-class b/include/cbsm/util/document.php-class index a10041a..6a36dfc 100755 --- a/include/cbsm/util/document.php-class +++ b/include/cbsm/util/document.php-class @@ -187,7 +187,10 @@ class ExtendedDocument extends DOMDocument { } function appendElement($name, $value = '') { - return $this->appendChild($this->createElement($name, $value)); + // Adding the $value in createElement does NOT escape it, so use appendText to support that. + $aelem = $this->appendChild($this->createElement($name)); + $aelem->appendText($value); + return $aelem; } function appendElementXML($name, $xmldata) { $aelem = $this->appendChild($this->createElement($name)); @@ -270,16 +273,17 @@ class ExtendedDocument extends DOMDocument { } function createElementLink($target, $value = '') { - $link = $this->createElement('a', $value); + $link = $this->createElement('a'); + $link->appendText($value); $link->setAttribute('href', $target); // XXX: take care of & etc. in links return $link; } function createElementImage($src, $alt_text = '') { - $link = $this->createElement('img'); - $link->setAttribute('src', $src); - $link->setAttribute('alt', $alt_text); - return $link; + $img = $this->createElement('img'); + $img->setAttribute('src', $src); + $img->setAttribute('alt', $alt_text); + return $img; } function createElementForm($action, $method, $name) { @@ -310,14 +314,14 @@ class ExtendedDocument extends DOMDocument { } function createElementInputPassword($name, $maxlength, $size, $id = null, $value = null) { - $txfield = $this->createElement('input'); - $txfield->setAttribute('type', 'password'); - if (!is_null($id)) { $txfield->setAttribute('id', $id); } - $txfield->setAttribute('name', $name); - $txfield->setAttribute('maxlength', $maxlength); - $txfield->setAttribute('size', $size); - if (!is_null($value)) { $txfield->setAttribute('value', $value); } - return $txfield; + $pwfield = $this->createElement('input'); + $pwfield->setAttribute('type', 'password'); + if (!is_null($id)) { $pwfield->setAttribute('id', $id); } + $pwfield->setAttribute('name', $name); + $pwfield->setAttribute('maxlength', $maxlength); + $pwfield->setAttribute('size', $size); + if (!is_null($value)) { $pwfield->setAttribute('value', $value); } + return $pwfield; } function createElementInputRadio($name, $id, $value, $checked) { @@ -499,7 +503,10 @@ class ExtendedElement extends DOMElement { // returns the new child function appendElement($name, $value = '') { - return $this->appendChild($this->ownerDocument->createElement($name, $value)); + // Adding the $value in createElement does NOT escape it, so use appendText to support that. + $aelem = $this->appendChild($this->ownerDocument->createElement($name)); + $aelem->appendText($value); + return $aelem; } function appendElementXML($name, $xmldata) { $aelem = $this->appendChild($this->ownerDocument->createElement($name)); @@ -663,7 +670,10 @@ class ExtendedDocumentFragment extends DOMDocumentFragment { // returns the new child function appendElement($name, $value = '') { - return $this->appendChild($this->ownerDocument->createElement($name, $value)); + // Adding the $value in createElement does NOT escape it, so use appendText to support that. + $aelem = $this->appendChild($this->ownerDocument->createElement($name)); + $aelem->appendText($value); + return $aelem; } function appendElementXML($name, $xmldata) { $aelem = $this->appendChild($this->ownerDocument->createElement($name));