html.c: add html_url_arg

This function can be used to properly escape querystring parameter values.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This commit is contained in:
Lars Hjemli 2008-10-05 12:49:46 +02:00
parent f82b19407d
commit a36a0d9dec
2 changed files with 17 additions and 0 deletions

16
html.c
View File

@ -128,6 +128,22 @@ void html_attr(char *txt)
html(txt); html(txt);
} }
void html_url_arg(char *txt)
{
char *t = txt;
while(t && *t){
int c = *t;
if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') {
write(htmlfd, txt, t - txt);
write(htmlfd, fmt("%%%2x", c), 3);
txt = t+1;
}
t++;
}
if (t!=txt)
html(txt);
}
void html_hidden(char *name, char *value) void html_hidden(char *name, char *value)
{ {
html("<input type='hidden' name='"); html("<input type='hidden' name='");

1
html.h
View File

@ -10,6 +10,7 @@ extern void html_status(int code, const char *msg, int more_headers);
extern void html_txt(char *txt); extern void html_txt(char *txt);
extern void html_ntxt(int len, char *txt); extern void html_ntxt(int len, char *txt);
extern void html_attr(char *txt); extern void html_attr(char *txt);
extern void html_url_arg(char *txt);
extern void html_hidden(char *name, char *value); extern void html_hidden(char *name, char *value);
extern void html_option(char *value, char *text, char *selected_value); extern void html_option(char *value, char *text, char *selected_value);
extern void html_link_open(char *url, char *title, char *class); extern void html_link_open(char *url, char *title, char *class);