From c6fc56cdba4b317856b792fafbb260a1ffaab427 Mon Sep 17 00:00:00 2001 From: Michael M Slusarz Date: Fri, 30 Jul 2010 11:22:22 -0600 Subject: [PATCH] Fix popup JS code. --- framework/Core/lib/Horde.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/framework/Core/lib/Horde.php b/framework/Core/lib/Horde.php index cc997dffc..19e71b431 100644 --- a/framework/Core/lib/Horde.php +++ b/framework/Core/lib/Horde.php @@ -597,15 +597,21 @@ HTML; * 
      * 'charset' - (string) The charset of $data.
      *             DEFAULT: Horde_Registry::getCharset()
+     * 'nodelimit' - (boolean) Don't add security delimiters?
+     *               DEFAULT: false
      * 'urlencode' - (boolean) URL encode the json string
-     *               DEFAULT: No
+     *               DEFAULT: false
      *
* * @return string The escaped string. */ - static public function escapeJson($data, $options = array()) + static public function escapeJson($data, array $options = array()) { - $json = '/*-secure-' . Horde_Serialize::serialize($data, Horde_Serialize::JSON, empty($options['charset']) ? $GLOBALS['registry']->getCharset() : $options['charset']) . '*/'; + $json = Horde_Serialize::serialize($data, Horde_Serialize::JSON, empty($options['charset']) ? $GLOBALS['registry']->getCharset() : $options['charset']); + if (empty($options['nodelimit'])) { + $json = '/*-secure-' . $json . '*/'; + } + return empty($options['urlencode']) ? $json : '\'' . rawurlencode($json) . '\''; @@ -1955,7 +1961,7 @@ HTML; $params->width = $options['width']; } - return 'void(Horde.popup(' . self::escapeJson($params, array('urlencode' => !empty($options['urlencode']))) . '));'; + return 'void(Horde.popup(' . self::escapeJson($params, array('nodelimit' => true, 'urlencode' => !empty($options['urlencode']))) . '));'; } /** -- 2.11.0