From 7acd581d9441fb8ada4c46c58f4ec30a01507506 Mon Sep 17 00:00:00 2001 From: admin Date: Mon, 23 Oct 2006 21:37:22 +0000 Subject: --- system/helpers/form_helper.php | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 6d10a9862..7d594d72c 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -335,8 +335,24 @@ function form_prep($str = '') { return ''; } + + $temp = '__TEMP_AMPERSANDS__'; + + // Replace entities to temporary markers so that + // htmlspecialchars won't mess them up + $str = preg_replace("/&#(\d+);/", "$temp\\1;", $str); + $str = preg_replace("/&(\w+);/", "$temp\\1;", $str); + + $str = htmlspecialchars($str); + + // In case htmlspecialchars misses these. + $str = str_replace(array("'", '"'), array("'", """), $str); + + // Decode the temp markers back to entities + $str = preg_replace("/$temp(\d+);/","&#\\1;",$str); + $str = preg_replace("/$temp(\w+);/","&\\1;",$str); - return str_replace(array("'", '"'), array("'", """), htmlspecialchars($str)); + return $str; } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b