PHP htmlentities() messes up output?
This is a voting plugin for Wordpress, but I think the problem is PHP, so I posted it here.
3 fields allow the user to paste HTML code (Voting up, Voting down, and HTML displayed after voting):
value="<?php echo htmlentities(get_option('voteiu_sinktext')); ?>"
value="<?php echo htmlentities(get_option('voteiu_votetext')); ?>"
value="<?php echo htmlentities(get_option('voteiu_aftervotetext')); ?>"
I added an <img>
tag to the first two fields. And they are displayed correctly but when I add an image to the last one voteiu_aftervotetext
(<img src="http://localhost/taiwantalk/wp-content/plugins/vote-it-up/voting-disabled.png" />
) . The first two fields (Vote Up and Vote Down) output like this:
<a voting-disabled.png"="" vote-it-up="" plugins="" wp-content="" taiwantalk=""
localhost="" http:="" href="javascript:vote('votecount47','voteid47','<img
src=">',47,1,'http://localhost/taiwantalk/wp-content/plugins/vote-it-up');"><img
src="http://localhost/taiwantalk/wp-content/plugins/vote-it-up/uparrow.png"></a>
config file:
<?php
/* VoteItUp configuration page */
function VoteItUp_options() {
if (function_exists('add_options_page')) {
add_options_page("Vote It Up", "Vote It Up", 8, "voteitupconfig", "VoteItUp_optionspage");
add_options_page("Edit Votes", "Edit Votes", 8, "voteitupeditvotes", "VoteItUp_editvotespage");
}
}
/* Wordpress MU fix, options whitelist */
if(function_exists('wpmu_create_blog')) {
add_filter('whitelist_options','voteitup_alter_whitelist_options');
function voteitup_alter_whitelist_options($whitelist) {
if(is_array($whitelist)) {
$option_array = array('voteitup' => array('voteiu_initialoffset','voteiu_votetext','voteiu_sinktext','voteiu_aftervotetext','voteiu_allowguests','voteiu_allowownvote','voteiu_limit','voteiu_widgetcount','voteiu_skin'));
$whitelist = array_merge($whitelist,$option_array);
}
return $whitelist;
}
}
//Page meant for administrators
function VoteItUp_optionspage() {
?>
<div class="wrap">
<div id="icon-options-general" class="icon32"><br /></div>
<h2><?php _e('Voting options'); ?></h2>
<form method="post" action="options.php">
<?php
/* bugfix for wordpress mu */
if(function_exists('wpmu_create_blog')) {
wp_nonce_field('voteitup-options');
echo '<input type="hidden" name="option_page" value="voteitup" />';
} else {
wp_nonce_field('update-options');
}
?>
<h3>General</h3>
<table class="form-table" border="0">
<tr valign="top">
<th scope="row" style="text-align: left;">Initial vote count</th>
<td>
<input type="text" name="voteiu_initialoffset" id="voteiu_initialoffset" value="<?php if (get_option('voteiu_initialoffset')=='') { echo '0'; } else { echo get_option('voteiu_initialoffset'); } ?>" />
</td></tr>
<tr valign="top">
<th scope="row" style="text-align: left;">Name of positive votes</th>
<td>
<input type="text" name="voteiu_votetext" id="voteiu_votetext" value="<?php echo htmlentities(get_option('voteiu_votetext')); ?>" /><br />
You can use <code><img></code> to use images instead of text. Example: <code><img src="<?php echo VoteItUp_ExtPath(); ?>/uparrow.png" /></code><br />
Default: <code>Vote</code>
</td>
</tr>
<tr valign="top">
<th scope="row" style="text-align: left;">Name of negative votes</th>
<td>
<input type="text" name="voteiu_sinktext" id="voteiu_sinktext" value="<?php echo htmlentities(get_option('voteiu_sinktext')); ?>" <?php if (!GetCurrentSkinInfo('supporttwoway')) { echo 'disabled="disabled" '; }?>/><br />
<?php if (GetCurrentSkinInfo('supporttwoway')) { ?>You can use <code><img></code> to use images instead of text. Example: <code><img src="<?php echo VoteItUp_ExtPath(); ?>/downarrow.png" /></code><br />
If this is left blank two-way voting is disabled.<?php } else {
?>Current widget template does not support two-way voting<?php } ?>
</td>
</tr>
<tr valign="top">
<th scope="row" style="text-align: left;">Text displayed after vote is cast</th>
<td>
<input type="text" name="voteiu_aftervotetext" id="voteiu_aftervotetext" value="<?php echo htmlentities(get_option('voteiu_aftervotetext')); ?>" /><br />
You can use <code><img></code> to use images instead of text. Text is displayed after user casts a vote. If this is left blank the vote button disappears.
</td>
</tr>
</table>
<h3>Permissions</h3>
<table class="form-table" border="0">
<tr valign="top">
<th scope="row" style="text-align: left;">Allow guests to vote</th>
<td>
<input type="checkbox" name="voteiu_allowguests" id="voteiu_allowguests" value="true" <?php if (get_option('voteiu_allowguests') == 'true') { echo ' checked="checked"'; } ?> />
</td></tr>
<tr valign="top">
<th scope="row" style="text-align: left;">Post author can vote own post</th>
<td>
<input type="checkbox" name="voteiu_allowownvote" id="voteiu_allowownvote" value="true" <?php if (get_option('voteiu_allowownvote') == 'true') { echo ' checked="checked"'; } ?> />
</td></tr>
</table>
<h3>Theming</h3>
<p>External templates for the voting widgets can be installed via the "skin" directory. Voting widgets using <code><?php DisplayVotes(get_the_ID()); ?></code> will use the new themes. Setting this to "none" will result in the default bar theme being used.</p>
<?php SkinsConfig(); ?>
<h3>Widget</h3>
<p>The widget shows posts which have the most votes. Only new posts are considered to keep the list fresh.</p>
<p>The widget can be displayed to where you want by using the following code: <code><?php MostVotedAllTime(); ?></code>, or if your template supports widgets it can be added via the <a href="widgets.php" title="Widgets">widgets panel</a>.</p>
<table class="form-table" border="0">
<tr valign="top">
<th scope="row" style="text-align: left;">No. of most recent posts to be considered</th>
<td><input type="text" name="voteiu_limit" id="voteiu_limit" value="<?php echo get_option('voteiu_limit'); ?>" /><br />
Default: <code>100</code>
</td>
</tr>
<tr valign="top">
<th scope="row" style="text-align: left;">No. of posts shown in widget</th>
<td><input type="text" name="voteiu_widgetcount" id="voteiu_widgetcount" value="<?php if (get_option('voteiu_widgetcount')开发者_如何学C=='') { echo '10'; } else {echo get_option('voteiu_widgetcount');} ?>" /><br />
Default: <code>10</code>
</td>
</tr>
</table>
<input type="hidden" name="action" value="update" />
<input type="hidden" name="page_options" value="voteiu_initialoffset,voteiu_votetext,voteiu_sinktext,voteiu_aftervotetext,voteiu_allowguests,voteiu_allowownvote,voteiu_limit,voteiu_widgetcount,voteiu_skin" />
<h3>Voting code</h3>
<p>The following code should be added in your index.php and single.php. This displays the vote buttons.</p>
<p><strong>Themable Version</strong><br />
<code><?php DisplayVotes(get_the_ID()); ?></code></p>
<p class="submit">
<input type="submit" name="Submit" value="<?php _e('Update Options »') ?>" />
</p>
</form>
</div>
<?php
}
the file which controls the output:
<span class="barcontainer"><span class="barfill" id="votecount<?php echo $postID ?>" style="width:<?php echo round($barvotes[0] * 2.5); ?>%;"> </span></span>
<?php if ($user_ID != '') {
if (!($user_login == get_the_author_login() && !get_option('voteiu_allowownvote'))) { ?>
<span>
<?php if(!UserVoted($postID,$user_ID)) { ?><span class="bartext" id="voteid<?php the_ID(); ?>">
<a href="javascript:vote('votecount<?php the_ID(); ?>','voteid<?php the_ID(); ?>','<?php echo get_option('voteiu_aftervotetext'); ?>',<?php the_ID(); ?>,<?php echo $user_ID; ?>,'<?php echo VoteItUp_ExtPath(); ?>');"><?php echo get_option('voteiu_votetext'); ?></a><?php if (get_option('voteiu_sinktext') != '') { ?><a href="javascript:sink('votecount<?php the_ID(); ?>','voteid<?php the_ID(); ?>','<?php echo get_option('voteiu_aftervotetext'); ?>',<?php the_ID(); ?>,<?php echo $user_ID; ?>,'<?php echo VoteItUp_ExtPath(); ?>');"><?php echo get_option('voteiu_sinktext'); ?></a>
<?php } ?>
</span>
<?php } else { ?>
<?php if (get_option('voteiu_aftervotetext') != '') { ?><span class="bartext" id="voteid<?php the_ID(); ?>"><?php echo get_option('voteiu_aftervotetext'); ?></span><?php } ?>
<?php } ?>
</span>
<?php } } else {
if (get_option('voteiu_allowguests') == 'true') { ?>
<span>
<?php if(!GuestVoted($postID,md5($_SERVER['REMOTE_ADDR']))) { ?><span class="bartext" id="voteid<?php the_ID(); ?>">
<a href="javascript:vote('votecount<?php the_ID(); ?>','voteid<?php the_ID(); ?>','<?php echo get_option('voteiu_aftervotetext'); ?>',<?php the_ID(); ?>,0,'<?php echo VoteItUp_ExtPath(); ?>');"><?php echo get_option('voteiu_votetext'); ?></a><?php if (get_option('voteiu_sinktext') != '') { ?><a href="javascript:sink('votecount<?php the_ID(); ?>','voteid<?php the_ID(); ?>','<?php echo get_option('voteiu_aftervotetext'); ?>',<?php the_ID(); ?>,0,'<?php echo VoteItUp_ExtPath(); ?>');"><?php echo get_option('voteiu_sinktext'); ?></a>
<?php } ?>
</span>
<?php } ?>
</span>
Is like the third field inserts itself in the anchor tag of the first two. Is the problem spot-able with the information provided above?
精彩评论