[Form] Escape value in textField #276
asika32764 committed Apr 2, 2016
1 parent e0b2115 commit dae335c
Showing 4 changed files with 17 additions and 3 deletions.
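--- a/src/Form/Field/AbstractField.php
+++ b/src/Form/Field/AbstractField.php
@@ -935,4 +935,18 @@ public function setForm($form)
 
 return $this;
 }
+
+/**
+* Escape html string.
+*
+* @param string $text
+*
+* @return string
+*
+* @since 2.1.9
+*/
+public function escape($text)
+{
+return htmlspecialchars($text, ENT_COMPAT, 'UTF-8');
+}
 }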
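Review bot: `escape()` passes `ENT_COMPAT`, which leaves single quotes unencoded, so the result is only safe inside double-quoted attributes or element text. The method is public and documented simply as "Escape html string", so a later caller that writes a single-quoted attribute would get no protection from it; `return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');` covers both quote styles. The cast is suggested because the argument comes straight from `getValue()` in TextField, and whether arrays or other non-string values can reach this method is not visible here. The docblock should also say which output contexts the result is meant for (HTML text and quoted attribute values, not script, URL or CSS contexts).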
2 changes: 1 addition & 1 deletion src/Form/Field/TextField.php
@@ -43,7 +43,7 @@ public function prepare(&$attrs)
$attrs['readonly'] = $this->getAttribute('readonly');
$attrs['disabled'] = $this->getAttribute('disabled');
$attrs['onchange'] = $this->getAttribute('onchange');
$attrs['value'] = $this->getValue();
$attrs['value'] = $this->escape($this->getValue());
$attrs['required'] = $this->required;

$attrs = array_merge($attrs, (array) $this->getAttribute('attribs'));
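Review bot: The `array_merge()` at the end of this hunk lets a `value` key inside the `attribs` attribute overwrite `$attrs['value']` with a string that never went through `escape()`, so the encoding added here does not hold for that path. The other attributes assigned in the hunk (`readonly`, `disabled`, `onchange`) are also stored raw, and whether the code that serialises `$attrs` into the tag encodes them is not visible from here. If it does not, encoding once where attributes are written out would cover every field class rather than only TextField's `value`; if it does, this call would double-encode. `prepare()` starts before and continues past the hunk.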
2 changes: 1 addition & 1 deletion src/Form/Test/Field/TextFieldTest.php
@@ -72,7 +72,7 @@ protected function tearDown()
public function testRender()
{
$html = <<<HTML
<input type="text" name="flower" id="test-field" class="stub-flower" placeholder="th" size="60" maxlength="10" readonly="readonly" disabled="disabled" onchange="javascript:void(0);" data-test-element />
<input type="text" name="flower" id="test-field" class="stub-flower" placeholder="th" size="60" maxlength="10" readonly="readonly" disabled="disabled" onchange="javascript:void(0);" value="" data-test-element />
HTML;

$this->assertDomStringEqualsDomString($html, $this->instance->renderInput());
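Review bot: The updated expectation only pins the empty `value=""` attribute, so neither this test nor `testRenderField()` in FormTest.php would fail if the `escape()` call were later removed. A case that gives the field a value containing `"`, `<` and `&` and asserts the encoded form inside the rendered `<input>` would lock the fix in as a regression test. The end of `testRender()` is outside the hunk.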
2 changes: 1 addition & 1 deletion src/Form/Test/FormTest.php
@@ -509,7 +509,7 @@ public function testRenderField()
{
$form = $this->getByDefine('windwalker');

$html = '<div id="input-windwalker-id-control" class="text-field "><label id="input-windwalker-id-label" for="input-windwalker-id">ID</label><input type="text" name="windwalker[id]" id="input-windwalker-id" class="control-input" /></div>';
$html = '<div id="input-windwalker-id-control" class="text-field "><label id="input-windwalker-id-label" for="input-windwalker-id">ID</label><input type="text" name="windwalker[id]" id="input-windwalker-id" class="control-input" value="" /></div>';

$this->assertEquals($html, $form->renderField('id'));
