Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Debug v21

Browse Source
This commit is contained in:
Laurent Destailleur (aka Eldy)
2025-01-26 20:35:23 +01:00
parent b5229f7b3e
commit 326d063358
1 changed files with 17 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
htdocs/core/lib/functions.lib.php
View File

@@ -2015,12 +2015,13 @@ function dol_escape_xml($stringtoescape)
* Return a string label (so on 1 line only and that should not contains any HTML) ready to be output on HTML page. * Return a string label (so on 1 line only and that should not contains any HTML) ready to be output on HTML page.
* To use text that is not HTML content inside an attribute, you can simply use only dol_escape_htmltag(). In doubt, use dolPrintHTMLForAttribute(). * To use text that is not HTML content inside an attribute, you can simply use only dol_escape_htmltag(). In doubt, use dolPrintHTMLForAttribute().
* *
* @param string $s String to print * @param string $s String to print
* @return string String ready for HTML output * @param int $escapeonlyhtmltags 1=Escape only html tags, not the special chars like accents.
* @return string String ready for HTML output
*/ */
function dolPrintLabel($s) function dolPrintLabel($s, $escapeonlyhtmltags = 0)
{ {
return dol_escape_htmltag(dol_string_nohtmltag($s, 1, 'UTF-8', 0, 0), 0, 0, '', 0, 1); return dol_escape_htmltag(dol_string_nohtmltag($s, 1, 'UTF-8', 0, 0), 0, 0, '', $escapeonlyhtmltags, 1);
} }
/** /**
@@ -2051,18 +2052,23 @@ function dolPrintHTML($s, $allowiframe = 0)
} }
/** /**
* Return a string ready to be output on an HTML attribute (alt, title, data-html, ...) * Return a string ready to be output into an HTML attribute (alt, title, data-html, ...)
* With dolPrintHTMLForAttribute(), the content is HTML encode, even if it is already HTML content. * With dolPrintHTMLForAttribute(), the content is HTML encode, even if it is already HTML content.
* *
* @param string $s String to print * @param string $s String to print
* @return string String ready for HTML output * @param int $escapeonlyhtmltags 1=Escape only html tags, not the special chars like accents.
* @return string String ready for HTML output
* @see dolPrintHTML(), dolPrintHTMLFortextArea() * @see dolPrintHTML(), dolPrintHTMLFortextArea()
*/ */
function dolPrintHTMLForAttribute($s) function dolPrintHTMLForAttribute($s, $escapeonlyhtmltags = 0)
{ {
// The dol_htmlentitiesbr will convert simple text into html // The dol_htmlentitiesbr will convert simple text into html, including switching accent into HTML entities
// The dol_escape_htmltag will escape html chars. // The dol_escape_htmltag will escape html tags.
return dol_escape_htmltag(dol_string_onlythesehtmltags(dol_htmlentitiesbr($s), 1, 0, 0, 0, array('br', 'b', 'font', 'hr', 'span')), 1, -1, '', 0, 1); if ($escapeonlyhtmltags) {
return dol_escape_htmltag(dol_string_onlythesehtmltags($s, 1, 0, 0, 0, array('br', 'b', 'font', 'hr', 'span')), 1, -1, '', 1, 1);
} else {
return dol_escape_htmltag(dol_string_onlythesehtmltags(dol_htmlentitiesbr($s), 1, 0, 0, 0, array('br', 'b', 'font', 'hr', 'span')), 1, -1, '', 0, 1);
}
} }
/** /**