diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index 5f47437f830d91c07aa9b5b26a0a15da836a95a8..6a8724a71be154856f69207570544021ee4ca9a7 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -31,7 +31,7 @@
* \file htdocs/core/class/html.form.class.php
* \ingroup core
* \brief File of class with all html predefined components
- * \version $Id: html.form.class.php,v 1.184 2011/06/29 15:48:03 grandoc Exp $
+ * \version $Id: html.form.class.php,v 1.185 2011/07/04 07:28:11 eldy Exp $
*/
@@ -163,19 +163,14 @@ class Form
if ($incbefore) $text = $incbefore.$text;
if (! $htmltext) return $text;
- $paramfortooltip ='';
-
// Sanitize tooltip
$htmltext=str_replace("\\","\\\\",$htmltext);
- //$htmltext=str_replace("'","\'",$htmltext);
- //$htmltext=str_replace("'","\'",$htmltext);
$htmltext=str_replace("\r","",$htmltext);
- $htmltext=str_replace("<br>\n","<br>",$htmltext);
$htmltext=str_replace("\n","",$htmltext);
$htmltext=str_replace('"',""",$htmltext);
- $extracss = (!empty($extracss) ? ' '.$extracss : '');
- $paramfortooltip.=' class="classfortooltip'.$extracss.'" title="'.$htmltext.'"'; // Attribut to put on td tag to store tooltip
+ $paramfortooltipimg=' class="classfortooltip'.($extracss?' '.$extracss:'').'" title="'.dol_escape_htmltag($htmltext,1).'"'; // Attribut to put on td img tag to store tooltip
+ $paramfortooltiptd =($extracss?' class="'.$extracss.'"':''); // Attribut to put on td text tag
$s="";
if (empty($notabs)) $s.='<table class="nobordernopadding" summary=""><tr>';
@@ -183,18 +178,18 @@ class Form
{
if ($text != '')
{
- $s.='<td'.$paramfortooltip.'>'.$text;
+ $s.='<td'.$paramfortooltiptd.'>'.$text;
if ($direction) $s.=' ';
$s.='</td>';
}
- if ($direction) $s.='<td'.$paramfortooltip.' valign="top" width="14">'.$img.'</td>';
+ if ($direction) $s.='<td'.$paramfortooltipimg.' valign="top" width="14">'.$img.'</td>';
}
else
{
- if ($direction) $s.='<td'.$paramfortooltip.' valign="top" width="14">'.$img.'</td>';
+ if ($direction) $s.='<td'.$paramfortooltipimg.' valign="top" width="14">'.$img.'</td>';
if ($text != '')
{
- $s.='<td'.$paramfortooltip.'>';
+ $s.='<td'.$paramfortooltiptd.'>';
if ($direction) $s.=' ';
$s.=$text.'</td>';
}
@@ -210,6 +205,7 @@ class Form
* @param htmltooltip Content of tooltip
* @param direction 1=Icon is after text, -1=Icon is before text
* @param type Type of picto (info, help, warning, superadmin...)
+ * @param extracss Add a CSS style to td tags
* @return string HTML code of text, picto, tooltip
*/
function textwithpicto($text,$htmltext,$direction=1,$type='help',$extracss='')
diff --git a/htdocs/lib/functions.lib.php b/htdocs/lib/functions.lib.php
index 69b57e0336fd061b06e5f6dac48169c91d3f9288..e3cd2d50cfba4d91225efe268502589aa5bc17b2 100644
--- a/htdocs/lib/functions.lib.php
+++ b/htdocs/lib/functions.lib.php
@@ -29,7 +29,7 @@
* \file htdocs/lib/functions.lib.php
* \brief A set of functions for Dolibarr
* This file contains all frequently used functions.
- * \version $Id: functions.lib.php,v 1.534 2011/07/03 18:31:13 eldy Exp $
+ * \version $Id: functions.lib.php,v 1.535 2011/07/04 07:28:36 eldy Exp $
*/
// For compatibility during upgrade
@@ -319,19 +319,20 @@ function dol_escape_js($stringtoescape)
/**
- * \brief Returns text escaped for inclusion in HTML alt or title tags
- * \param $stringtoescape String to escape
- * \return string Escaped string
+ * Returns text escaped for inclusion in HTML alt or title tags
+ * @param $stringtoescape String to escape
+ * @param $keepb Do not clean <b> tags
+ * @return string Escaped string
*/
-function dol_escape_htmltag($stringtoescape)
+function dol_escape_htmltag($stringtoescape,$keepb=0)
{
// escape quotes and backslashes, newlines, etc.
$tmp=dol_html_entity_decode($stringtoescape,ENT_COMPAT,'UTF-8');
- $tmp=strtr($tmp, array('"'=>'',"\r"=>'\\r',"\n"=>'\\n',"<b>"=>'','</b>'=>''));
+ if ($keepb) $tmp=strtr($tmp, array('"'=>'',"\r"=>'\\r',"\n"=>'\\n'));
+ else $tmp=strtr($tmp, array('"'=>'',"\r"=>'\\r',"\n"=>'\\n',"<b>"=>'','</b>'=>''));
return dol_htmlentities($tmp,ENT_COMPAT,'UTF-8');
}
-
/* For backward compatiblity */
function dolibarr_syslog($message, $level=LOG_INFO)
{