svn: /pear/pearweb/trunk/public_html/ account-request-newpackage.php admin/karma.php channels/edit.php support/effectivepearuse.php
Daniel O'Connor
2011-04-13 02:48:47 UTC
clockwerx Wed, 13 Apr 2011 02:48:47 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=310185

Log:
Minor checkbox control fixes, upgrade karma.php to qf2, update effectivepearuse to qf2 examples

Changed paths:
U pear/pearweb/trunk/public_html/account-request-newpackage.php
U pear/pearweb/trunk/public_html/admin/karma.php
U pear/pearweb/trunk/public_html/channels/edit.php
U pear/pearweb/trunk/public_html/support/effectivepearuse.php

Modified: pear/pearweb/trunk/public_html/account-request-newpackage.php
===================================================================
--- pear/pearweb/trunk/public_html/account-request-newpackage.php 2011-04-13 02:38:32 UTC (rev 310184)
+++ pear/pearweb/trunk/public_html/account-request-newpackage.php 2011-04-13 02:48:47 UTC (rev 310185)
@@ -243,9 +243,8 @@

$checkbox = array();
foreach ($invalid_purposes as $i => $purposeKey) {
- $purpose->addElement('checkbox', $i)
- ->setLabel($purposeKey)
- ->setValue(@$_POST['purpose'][$i]);
+ $purpose->addElement('checkbox', $i, array('checked' => !empty($_POST['purpose'][$i])? 'checked' : ''))
+ ->setLabel($purposeKey);
}

$form->addElement('textarea', 'purpose',
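Review bot: The unchecked branch of the added `addElement('checkbox', $i, array('checked' => ... ? 'checked' : ''))` line still passes a `checked` key, only with an empty string. If QuickForm2 renders attributes as given, this emits `checked=""`, which browsers treat as checked because the attribute is boolean. Building the array conditionally avoids that, e.g. `$attrs = !empty($_POST['purpose'][$i]) ? array('checked' => 'checked') : array();` and then passing `$attrs`. The same pattern appears in the channels/edit.php hunk for `is_active`. Reading `$_POST` directly also bypasses the form's own data source, so it is worth confirming that the submitted value does not already restore the checkbox state.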

Modified: pear/pearweb/trunk/public_html/admin/karma.php
===================================================================
--- pear/pearweb/trunk/public_html/admin/karma.php 2011-04-13 02:38:32 UTC (rev 310184)
+++ pear/pearweb/trunk/public_html/admin/karma.php 2011-04-13 02:48:47 UTC (rev 310185)
@@ -18,7 +18,7 @@
$Id$
*/

-include_once 'HTML/QuickForm.php';
+include_once 'HTML/QuickForm2.php';
include_once 'HTML/Table.php';
require_once 'Damblan/Karma.php';
require_once 'Damblan/Mailer.php';
@@ -41,7 +41,7 @@
}

if ($handle === null || empty($handle)) {
- $form = new HTML_QuickForm('karma_edit', 'post', 'karma.php');
+ $form = new HTML_QuickForm2('karma_edit', 'post');
$form->removeAttribute('name');

include_once 'pear-database-user.php';
@@ -51,8 +51,8 @@
foreach ($list as $user) {
$users[$user['handle']] = $user['handle'] . ' (' . $user['name'] . ')';
}
- $form->addElement('select', 'handle', 'Handle: ', $users);
- $form->addElement('submit', 'submit', 'Submit Changes');
+ $form->addElement('select', 'handle')->setLabel('Handle: ')->loadOptions($users);
+ $form->addElement('submit', 'submit')->setLabel('Submit Changes');
$form->display();
} else {

@@ -111,13 +111,13 @@
$table = new HTML_Table('style="width: 100%"');
$table->setCaption("Grant karma to " . htmlspecialchars($handle), 'style="background-color: #CCCCCC;"');

- $form = new HTML_QuickForm('karma_grant', 'post', 'karma.php?action=grant');
+ $form = new HTML_QuickForm2('karma_grant', 'post', array('action' => 'karma.php?action=grant'));
$form->removeAttribute('name');

- $form->addElement('text', 'level', 'Level: ');
- $form->addElement('hidden', 'handle', htmlspecialchars($handle));
- $form->addElement('submit', 'submit', 'Submit Changes');
- $table->addRow(array($form->toHTML()));
+ $form->addElement('text', 'level')->setLabel('Level: ');
+ $form->addElement('hidden', 'handle')->setValue(htmlspecialchars($handle));
+ $form->addElement('submit', 'submit')->setLabel('Submit Changes');
+ $table->addRow(array((string)$form));
echo $table->toHTML();
}

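Review bot: The hidden `handle` element is set with `->setValue(htmlspecialchars($handle))`, which pre-escapes a value that QuickForm2 is expected to escape again when it renders the attribute. A handle containing `&`, `<` or a quote would then be posted back entity-encoded rather than as the original handle. Passing the raw value, `$form->addElement('hidden', 'handle')->setValue($handle);`, leaves escaping to the form library at output time. Separately, no anti-CSRF token is added to this karma-granting form in the visible lines. The handler is outside the hunk, so whether a token is checked there cannot be confirmed from here.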
@@ -153,4 +153,4 @@
echo '<br /><br />';
echo make_link('/admin/karma.php', 'Back');

-response_footer();
\ No newline at end of file
+response_footer();

Modified: pear/pearweb/trunk/public_html/channels/edit.php
===================================================================
--- pear/pearweb/trunk/public_html/channels/edit.php 2011-04-13 02:38:32 UTC (rev 310184)
+++ pear/pearweb/trunk/public_html/channels/edit.php 2011-04-13 02:48:47 UTC (rev 310185)
@@ -93,7 +93,7 @@
$project_link->addFilter("htmlspecialchars");
$project_link->addRule('required', "Please enter your project link");

-$is_active = $form->addElement("checkbox", 'is_active', array('checked' => $channel["is_active"]));
+$is_active = $form->addElement("checkbox", 'is_active', array('checked' => $channel["is_active"]? 'checked' : ''));
$is_active->setLabel("Active?");

$form->addElement("submit");

Modified: pear/pearweb/trunk/public_html/support/effectivepearuse.php
===================================================================
--- pear/pearweb/trunk/public_html/support/effectivepearuse.php 2011-04-13 02:38:32 UTC (rev 310184)
+++ pear/pearweb/trunk/public_html/support/effectivepearuse.php 2011-04-13 02:48:47 UTC (rev 310185)
@@ -93,28 +93,28 @@
</p>

<p>
-It is always best to let a well tested package, such as <a href="http://pear.php.net/HTML_QuickForm">HTML_QuickForm</a>, <a href="http://pear.php.net/MDB2">MDB2</a>, or <a href="http://pear.php.net/DB">DB</a> handle these values for you.
+It is always best to let a well tested package, such as <a href="http://pear.php.net/HTML_QuickForm2">HTML_QuickForm2</a>, <a href="http://pear.php.net/MDB2">MDB2</a>, or <a href="http://pear.php.net/DB">DB</a> handle these values for you.
</p>

<p>
-For input and output of form values, use HTML_QuickForm. It will automatically quote your values so as to stop XSS and will also make sure that magic_quotes_gpc isn't corrupting your values.
+For input and output of form values, use HTML_QuickForm2. It will automatically quote your values so as to stop XSS and will also make sure that magic_quotes_gpc isn't corrupting your values.
</p>

<?php
highlight_string('
<?php
$value = \'inject">XX<input name="password" type="hidden" value="h4cked\';
-require_once \'HTML/QuickForm.php\';
-$form = new HTML_QuickForm();
-$form->addElement(\'password\', \'password\', \'Enter your password\');
-$form->setDefaults($value);
+require_once \'HTML/QuickForm2.php\';
+$form = new HTML_QuickForm2();
+$password_control = $form->addElement(\'password\', \'password\')->setLabel(\'Enter your password\')->setValue($value);
+
if ($form->validate()) {
- echo \'Password entered: \' . htmlentities($form->exportValue(\'password\'));
+ echo \'Password entered: \' . htmlentities($password_control->getValue(\'password\'));
}
$form->display();') ?>

<p>
-If you had simply output <code>$value</code> without passing it through HTML_QuickForm you would have had injected HTML in your form. If you happened to have <pre>magic_quotes_gpc</pre> turned on (you should never have this on) then the value output would have had extra backslashes before any quotes passed in. If htmlentities() hadn't been run before outputting the value then any HTML entered would have been injected into your page.
+If you had simply output <code>$value</code> without passing it through HTML_QuickForm2 you would have had injected HTML in your form. If you happened to have <pre>magic_quotes_gpc</pre> turned on (you should never have this on) then the value output would have had extra backslashes before any quotes passed in. If htmlentities() hadn't been run before outputting the value then any HTML entered would have been injected into your page.
</p>

<p>
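Review bot: The updated example still escapes with a bare `htmlentities()` call on the `echo 'Password entered: '` line, which with default flags leaves single quotes unescaped and depends on the default charset. A page that teaches XSS defence should show the explicit form. The call also keeps a leftover argument from `exportValue()`: `getValue('password')` is called on the control itself, which needs no element name. Inside the highlighted sample I would write `echo 'Password entered: ' . htmlspecialchars($password_control->getValue(), ENT_QUOTES, 'UTF-8');`, with the quotes backslash-escaped as in the surrounding `highlight_string()` literal. `new HTML_QuickForm2()` is also called without the form id that the karma.php hunks pass as the first argument, which I believe the constructor requires.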
@@ -133,4 +133,4 @@
$db = DB::connect($dsn);
$sth = $db->query(\'SELECT * FROM table WHERE col = \' .
$db->quoteSmart($value));
-?>') ?>
\ No newline at end of file
+?>') ?>
