summaryrefslogtreecommitdiffstats
path: root/user_guide_src
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2015-02-05 14:49:47 +0100
committerAndrey Andreev <narf@devilix.net>2015-02-05 14:49:47 +0100
commitfa76607c7b5e5414b50680be512dd23920f52e9b (patch)
tree9460d2cbaaadff6d4608d14e8860e05f17a192af /user_guide_src
parent79533cac482a9d8f9211c8ff607968de3b27d1e4 (diff)
parentfa61fb236654fbd3eea82d437da28c9aab33e559 (diff)
Merge pull request #3562 from avenirer/patch-1
Allow not escaping the value in set_value()
Diffstat (limited to 'user_guide_src')
-rw-r--r--user_guide_src/source/changelog.rst1
-rw-r--r--user_guide_src/source/helpers/form_helper.rst12
2 files changed, 6 insertions, 7 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index a0c0de83f..5c5cd5e54 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -105,6 +105,7 @@ Release Date: Not Released
- :php:func:`form_dropdown()` will now also take an array for unity with other form helpers.
- :php:func:`form_prep()` is now DEPRECATED and only acts as an alias for :doc:`common function <general/common_functions>` :php:func:`html_escape()`.
+ - :php:func:`set_value()` will now also accept a third argument, allowing to turn off HTML escaping of the value.
- :doc:`Security Helper <helpers/security_helper>` changes include:
diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst
index 15f5d7825..362c9c35d 100644
--- a/user_guide_src/source/helpers/form_helper.rst
+++ b/user_guide_src/source/helpers/form_helper.rst
@@ -581,7 +581,9 @@ The following functions are available:
Permits you to set the value of an input form or textarea. You must
supply the field name via the first parameter of the function. The
second (optional) parameter allows you to set a default value for the
- form.
+ form. The third (optional) parameter allows you to turn off HTML escaping
+ of the value, in case you need to use this function in combination with
+ i.e. :php:func:`form_input()` and avoid double-escaping.
Example::
@@ -589,11 +591,7 @@ The following functions are available:
The above form will show "0" when loaded for the first time.
- .. note:: Only use this function with raw HTML fields, as it
- internally calls :php:func:`html_escape()` and combining its
- usage with other form helper functions will result in
- double HTML encoding!
-
+
.. php:function:: set_select($field[, $value = ''[, $default = FALSE]])
:param string $field: Field name
@@ -718,4 +716,4 @@ The following functions are available:
.. note:: This function is DEPRECATED and is just an alias for
:doc:`common function <../general/common_functions>`
- :func:`html_escape()` - please use that instead. \ No newline at end of file
+ :func:`html_escape()` - please use that instead.