956de2a314de3a97578e024e824e0e7879cbaf12 larrym Tue Nov 8 16:35:37 2011 -0800 add attributeEncode diff --git src/lib/htmshell.c src/lib/htmshell.c index 28bccc4..b789404 100644 --- src/lib/htmshell.c +++ src/lib/htmshell.c @@ -177,30 +177,36 @@ { strSwapStrs(cleanQuote, size,"&" ,"&" ); // '&' is not the start of a control char strSwapStrs(cleanQuote, size,">" ,">" ); // '>' is not the close of a tag strSwapStrs(cleanQuote, size,"<" ,"<" ); // '<' is not the open of a tag if(cgiClientBrowser(NULL,NULL,NULL) == btFF) strSwapStrs(cleanQuote, size,"\n","|"); // FF does not support! Use "|" for '|' instead else strSwapStrs(cleanQuote, size,"\n","
"); // '\n' is supported on some browsers } strSwapStrs(cleanQuote, size,"\"","""); // Shield double quotes strSwapStrs(cleanQuote, size,"'" ,"'" ); // Shield single quotes return cleanQuote; } +char *attributeEncode(char *str) +{ +// encode double and single quotes in a string to be used as an element attribute +return replaceChars(replaceChars(str, "\"", """), "'", "'"); +} + char *htmlWarnStartPattern() /* Return starting pattern for warning message. */ { return "<!-- HGERROR-START -->\n"; } char *htmlWarnEndPattern() /* Return ending pattern for warning message. */ { return "<!-- HGERROR-END -->\n"; } void htmlWarnBoxSetup(FILE *f) /* Creates an invisible, empty warning box than can be filled with errors * and then made visible. */