diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index 5f47437f830..6a8724a71be 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -31,7 +31,7 @@
* \file htdocs/core/class/html.form.class.php
* \ingroup core
* \brief File of class with all html predefined components
- * \version $Id: html.form.class.php,v 1.184 2011/06/29 15:48:03 grandoc Exp $
+ * \version $Id: html.form.class.php,v 1.185 2011/07/04 07:28:11 eldy Exp $
*/
@@ -163,19 +163,14 @@ class Form
if ($incbefore) $text = $incbefore.$text;
if (! $htmltext) return $text;
- $paramfortooltip ='';
-
// Sanitize tooltip
$htmltext=str_replace("\\","\\\\",$htmltext);
- //$htmltext=str_replace("'","\'",$htmltext);
- //$htmltext=str_replace("'","\'",$htmltext);
$htmltext=str_replace("\r","",$htmltext);
- $htmltext=str_replace("
\n","
",$htmltext);
$htmltext=str_replace("\n","",$htmltext);
$htmltext=str_replace('"',""",$htmltext);
- $extracss = (!empty($extracss) ? ' '.$extracss : '');
- $paramfortooltip.=' class="classfortooltip'.$extracss.'" title="'.$htmltext.'"'; // Attribut to put on td tag to store tooltip
+ $paramfortooltipimg=' class="classfortooltip'.($extracss?' '.$extracss:'').'" title="'.dol_escape_htmltag($htmltext,1).'"'; // Attribut to put on td img tag to store tooltip
+ $paramfortooltiptd =($extracss?' class="'.$extracss.'"':''); // Attribut to put on td text tag
$s="";
if (empty($notabs)) $s.='';
@@ -183,18 +178,18 @@ class Form
{
if ($text != '')
{
- $s.=''.$text;
+ $s.=''.$text;
if ($direction) $s.=' ';
$s.='';
}
- if ($direction) $s.=''.$img.'';
+ if ($direction) $s.=''.$img.'';
}
else
{
- if ($direction) $s.=''.$img.'';
+ if ($direction) $s.=''.$img.'';
if ($text != '')
{
- $s.='';
+ $s.='';
if ($direction) $s.=' ';
$s.=$text.'';
}
@@ -210,6 +205,7 @@ class Form
* @param htmltooltip Content of tooltip
* @param direction 1=Icon is after text, -1=Icon is before text
* @param type Type of picto (info, help, warning, superadmin...)
+ * @param extracss Add a CSS style to td tags
* @return string HTML code of text, picto, tooltip
*/
function textwithpicto($text,$htmltext,$direction=1,$type='help',$extracss='')
diff --git a/htdocs/lib/functions.lib.php b/htdocs/lib/functions.lib.php
index 69b57e0336f..e3cd2d50cfb 100644
--- a/htdocs/lib/functions.lib.php
+++ b/htdocs/lib/functions.lib.php
@@ -29,7 +29,7 @@
* \file htdocs/lib/functions.lib.php
* \brief A set of functions for Dolibarr
* This file contains all frequently used functions.
- * \version $Id: functions.lib.php,v 1.534 2011/07/03 18:31:13 eldy Exp $
+ * \version $Id: functions.lib.php,v 1.535 2011/07/04 07:28:36 eldy Exp $
*/
// For compatibility during upgrade
@@ -319,19 +319,20 @@ function dol_escape_js($stringtoescape)
/**
- * \brief Returns text escaped for inclusion in HTML alt or title tags
- * \param $stringtoescape String to escape
- * \return string Escaped string
+ * Returns text escaped for inclusion in HTML alt or title tags
+ * @param $stringtoescape String to escape
+ * @param $keepb Do not clean tags
+ * @return string Escaped string
*/
-function dol_escape_htmltag($stringtoescape)
+function dol_escape_htmltag($stringtoescape,$keepb=0)
{
// escape quotes and backslashes, newlines, etc.
$tmp=dol_html_entity_decode($stringtoescape,ENT_COMPAT,'UTF-8');
- $tmp=strtr($tmp, array('"'=>'',"\r"=>'\\r',"\n"=>'\\n',""=>'',''=>''));
+ if ($keepb) $tmp=strtr($tmp, array('"'=>'',"\r"=>'\\r',"\n"=>'\\n'));
+ else $tmp=strtr($tmp, array('"'=>'',"\r"=>'\\r',"\n"=>'\\n',""=>'',''=>''));
return dol_htmlentities($tmp,ENT_COMPAT,'UTF-8');
}
-
/* For backward compatiblity */
function dolibarr_syslog($message, $level=LOG_INFO)
{