Hi Stas, At 03:11 14.11.2002, Stas Bekman wrote:
If it's already escaped, it can't be escaped one more time, because when escaped it's become ', so there's no single quote there to escape again. So no backward compatibility problem.Geoffrey Young wrote:hi all...Don't we have a problem with backwards compatibility here? If people were adding extra code to escape ' without checking that it's already escaped, now if we do it in escape_html(), there is a problem as it'd be escaped twice. Thus this change will break other people's code.
below is a patch, created (mostly) by darren, for functionality requested by a user.
basically, Martin has asked for single quotes to be automatically escaped by
escape_html(), alongside the other 4 escapes (<, >, &, ").
Perhaps, escape_html() could optionally accept a range of chars to escape similar to HTML::Entities::encode_entities, and then the problem is solved without breaking anything.I think this is going a little too far, especially for 1.0. I think we should just make this small change, and leave it as is afterwards.
--
Per Einar Ellefsen
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
