5 our $VERSION = "1.000";
8 use vars qw(@EXPORT_OK @EXPORT @ISA %EXPORT_TAGS);
9 @EXPORT_OK = qw(escape_html escape_uri unescape_html unescape_uri popup_menu escape_xml);
10 @EXPORT = qw(escape_html escape_uri unescape_html unescape_uri);
18 use HTML::Entities ();
22 my ($text, $what) = @_;
26 HTML::Entities::encode($text, $what);
30 HTML::Entities::decode(shift);
33 my %xml_entities = qw(< lt > gt & amp " quot);
38 $text =~ s/([<>&\"\x7F])/$xml_entities{$1} ? "&$xml_entities{$1};" : "&#".ord($1).";"/ge;
44 # older versions of uri_escape() acted differently without the
45 # second argument, so supply one to make sure we escape what
47 URI::Escape::uri_escape(shift, "^A-Za-z0-9\-_.!~*()");
51 URI::Escape::uri_unescape(shift);
55 my ($values, $labels, $default) = @_;
58 for my $value (@$values) {
59 my $option = '<option value="' . escape_html($value) . '"';
60 my $label = $labels->{$value};
61 defined $label or $label = $value;
62 $option .= ' selected="selected"'
63 if defined($default) && $default eq $value;
64 $option .= '>' . escape_html($label) . "</option>";
65 $html .= $option . "\n";
75 or confess "No -name parameter";
77 my $html = '<select name="' . escape_html($opts{"-name"}) . '"';
78 $html .= ' id="'.escape_html($opts{'-id'}).'"' if $opts{'-id'};
80 my $labels = $opts{"-labels"} || {};
81 my $values = $opts{"-values"};
82 my $default = $opts{"-default"};
83 my $groups = $opts{"-groups"};
85 for my $group (@$groups) {
86 my ($label, $ids) = @$group;
88 $html .= '<optgroup label="' . escape_html($label) . '">'
89 . _options($ids, $labels, $default) . '</optgroup>';
92 $html .= _options($ids, $labels, $default);
97 $html .= _options($values, $labels, $default);
110 DevHelp::HTML - provides simple consistent interfaces to HTML/URI
111 escaping with some extras
117 my $escaped = escape_html($text);
118 my $escaped = escape_uri($text);
119 my $unescaped = unescape_html($text);
120 my $unescaped = unescape_uri($text);
121 my $html = popup_menu(-name => $name,
124 -default => $default);
128 Provides some of the functionality of the CGI.pm module, without the
129 code to get the query/POST parameters.
133 =item escape_html($text)
135 Converts characters that should be entities into entities. Don't
136 expect this to work with UTF-8 text. Unlike the native HTML::Entities
137 interface it won't convert CR (\x0D) into an entity, since this causes
140 Probably assumes Latin-1.
142 =item escape_uti($text)
146 =item unescape_html($text)
150 =item unescape_uri($text)
152 Unescape URI escaped text.
154 =item popup_menu(...)
156 Creates a C<select> form element. Same interface as CGI::popup_menu()
157 but without the need to use -override to make the -default option
164 Tony Cook <tony@develop-help.com>