[Templates-cvs] cvs commit: Template2/lib/Template/Plugin Image.pm
cvs@template-toolkit.org
cvs@template-toolkit.org
cvs 05/11/29 07:37:48
Modified: lib/Template/Plugin Image.pm
Log:
* applied a patch from Bill Moseley to escape attributes in the tag() method
Revision Changes Path
1.15 +14 -3 Template2/lib/Template/Plugin/Image.pm
Index: Image.pm
===================================================================
RCS file: /template-toolkit/Template2/lib/Template/Plugin/Image.pm,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- Image.pm 2004/01/30 19:33:17 1.14
+++ Image.pm 2005/11/29 07:37:48 1.15
@@ -13,7 +13,7 @@
# modify it under the same terms as Perl itself.
#
# REVISION
-# $Id: Image.pm,v 1.14 2004/01/30 19:33:17 abw Exp $
+# $Id: Image.pm,v 1.15 2005/11/29 07:37:48 abw Exp $
#
#============================================================================
@@ -31,7 +31,7 @@
use base qw( Template::Plugin );
use vars qw( $VERSION $AUTOLOAD );
-$VERSION = sprintf("%d.%02d", q$Revision: 1.14 $ =~ /(\d+)\.(\d+)/);
+$VERSION = sprintf("%d.%02d", q$Revision: 1.15 $ =~ /(\d+)\.(\d+)/);
BEGIN {
if (eval { require Image::Info; }) {
@@ -163,7 +163,8 @@
if (%$options) {
while (my ($key, $val) = each %$options) {
- $tag .= " $key=\"$val\"";
+ my $escaped = escape( $val );
+ $tag .= qq[ $key="$escaped"];
}
}
@@ -172,6 +173,16 @@
return $tag;
}
+sub escape {
+ my ($text) = @_;
+ for ($text) {
+ s/&/&/g;
+ s/</</g;
+ s/>/>/g;
+ s/"/"/g;
+ }
+ $text;
+}
sub throw {
my ($self, $error) = @_;