Author: spadkins
Date: Tue Jun 10 06:07:50 2008
New Revision: 11396

Modified:
   p5ee/trunk/App-Widget/lib/App/Widget.pm
   p5ee/trunk/App-Widget/lib/App/Widget/Select.pm

Log:
fixed some HTML escaping for single quotes

Modified: p5ee/trunk/App-Widget/lib/App/Widget.pm
==============================================================================
--- p5ee/trunk/App-Widget/lib/App/Widget.pm     (original)
+++ p5ee/trunk/App-Widget/lib/App/Widget.pm     Tue Jun 10 06:07:50 2008
@@ -420,6 +420,7 @@
         $text =~ s{<}{&lt;}gso;
         $text =~ s{>}{&gt;}gso;
         $text =~ s{\"}{&quot;}gso;
+        $text =~ s{\'}{&#039;}gso;   # support for single quote
     }
     &App::sub_exit($text) if ($App::trace);
     return $text;
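Review bot: The comment on the added substitution, `# support for single quote`, does not say why the quote has to be escaped; something like `# escape ' so the result is safe inside single-quoted attribute values such as <option value='...'>` would record the reason for the next maintainer. The handling of `&` is not visible here, because the enclosing sub starts above the hunk. If `&` is escaped, that substitution has to run before these four, otherwise the entities written here get escaped a second time. As a style point, the `o` and `s` modifiers have no effect on these constant patterns, which contain no variables and no `.`, and could be dropped.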

Modified: p5ee/trunk/App-Widget/lib/App/Widget/Select.pm
==============================================================================
--- p5ee/trunk/App-Widget/lib/App/Widget/Select.pm      (original)
+++ p5ee/trunk/App-Widget/lib/App/Widget/Select.pm      Tue Jun 10 06:07:50 2008
@@ -112,13 +112,12 @@
     }
     for ($v = 0; $v <= $#$values; $v++) {
         $value = $values->[$v];
-        push(@html,"  <option value='$value'" .
-            #(($value_exists{$value} || ($v == 0 && !$value_exists)) ? " 
selected>" : ">") .
+        my $convert_value = $self->html_escape($value);
+        push(@html,"  <option value='$convert_value'" .
             ($value_exists{$value} ? " selected>" : ">") .
-            ((defined $labels->{$value}) ? $labels->{$value} : $value) .
-            "</option>\n");
+            ((defined $labels->{$value}) ? 
$self->html_escape($labels->{$value}) : $convert_value) .
+            "</option>\n");   
     }
-
     my $html_attribs = $self->html_attribs();
     return "<select 
name='$tagname'${size}${multiple}${tabindex}${onchange}$html_attribs>\n" . 
join("",@html) . "</select>";
 }
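Review bot: `$tagname` is still interpolated unescaped into `name='$tagname'` in the returned `<select>` tag, so a single quote in the name would close the attribute early, the same problem this change fixes for the option values. Unless the name is validated earlier (the sub starts outside this hunk, so that cannot be confirmed from here), consider `my $esc_tagname = $self->html_escape($tagname);` and emitting `name='$esc_tagname'`. The other interpolated fragments (`${onchange}`, `$html_attribs`) are built elsewhere and are worth checking for the same quoting assumption.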
