summaryrefslogtreecommitdiffstats
path: root/user_guide_src/source/helpers
diff options
context:
space:
mode:
authorJonatas Miguel <jonatas.df.miguel@gmail.com>2012-10-31 15:44:02 +0100
committerJonatas Miguel <jonatas.df.miguel@gmail.com>2012-10-31 15:44:02 +0100
commit3ccc386be4e0e1e4b3d47f1785e11d4b8613ef72 (patch)
treef1c8cd29775537b8da76143edeec5b6c8d659550 /user_guide_src/source/helpers
parenta9a1d2520493211ca35f7ab56866d0e154afc1c3 (diff)
parentf2b19fee7876708c7a7bb5cba6b7df682a9d2a53 (diff)
Merge branch 'develop' of git://github.com/EllisLab/CodeIgniter into develop
Diffstat (limited to 'user_guide_src/source/helpers')
-rw-r--r--user_guide_src/source/helpers/form_helper.rst47
-rw-r--r--user_guide_src/source/helpers/string_helper.rst3
2 files changed, 26 insertions, 24 deletions
diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst
index fa7b3dbf9..015bf1162 100644
--- a/user_guide_src/source/helpers/form_helper.rst
+++ b/user_guide_src/source/helpers/form_helper.rst
@@ -463,29 +463,6 @@ the tag. For example
echo form_close($string);
// Would produce: </form> </div></div>
-form_prep()
-===========
-
-Allows you to safely use HTML and characters such as quotes within form
-elements without breaking out of the form. Consider this example
-
-::
-
- $string = 'Here is a string containing "quoted" text.';
- <input type="text" name="myform" value="$string" />
-
-Since the above string contains a set of quotes it will cause the form
-to break. The `form_prep()` function converts HTML so that it can be used
-safely
-
-::
-
- <input type="text" name="myform" value="<?php echo form_prep($string); ?>" />
-
-.. note:: If you use any of the form helper functions listed in this page the form
- values will be prepped automatically, so there is no need to call this
- function. Use it only if you are creating your own form elements.
-
set_value()
===========
@@ -546,4 +523,26 @@ This function is identical to the **set_checkbox()** function above.
.. note:: If you are using the Form Validation class, you must always specify a rule for your field,
even if empty, in order for the set_*() functions to work. This is because if a Form Validation object
is defined, the control for set_*() is handed over to a method of the class instead of the generic helper
- function. \ No newline at end of file
+ function.
+
+Escaping field values
+=====================
+
+You may need to use HTML and characters such as quotes within form
+elements. In order to do that safely, you'll need to use
+:doc:`common function <../general/common_functions>` ``html_escape()``.
+
+Consider the following example::
+
+ $string = 'Here is a string containing "quoted" text.';
+ <input type="text" name="myform" value="$string" />
+
+Since the above string contains a set of quotes it will cause the form
+to break. The ``html_escape()`` function converts HTML so that it can be
+used safely::
+
+ <input type="text" name="myform" value="<?php echo html_escape($string); ?>" />
+
+.. note:: If you use any of the form helper functions listed in this page, the form
+ values will be prepped automatically, so there is no need to call this
+ function. Use it only if you are creating your own form elements. \ No newline at end of file
diff --git a/user_guide_src/source/helpers/string_helper.rst b/user_guide_src/source/helpers/string_helper.rst
index 19500aa0d..530af2f89 100644
--- a/user_guide_src/source/helpers/string_helper.rst
+++ b/user_guide_src/source/helpers/string_helper.rst
@@ -96,6 +96,9 @@ Generates repeating copies of the data you submit. Example
The above would generate 30 newlines.
+.. note:: This function is DEPRECATED. Use the native ``str_repeat()``
+ instead.
+
reduce_double_slashes()
=======================