You are here

public function Escaper::escapeHtmlAttr in Zircon Profile 8.0

Same name and namespace in other branches
  1. 8 vendor/zendframework/zend-escaper/src/Escaper.php \Zend\Escaper\Escaper::escapeHtmlAttr()

Escape a string for the HTML Attribute context. We use an extended set of characters to escape that are not covered by htmlspecialchars() to cover cases where an attribute might be unquoted or quoted illegally (e.g. backticks are valid quotes for IE).

Parameters

string $string:

Return value

string

File

vendor/zendframework/zend-escaper/src/Escaper.php, line 159

Class

Escaper
Context specific methods for use in secure output escaping

Namespace

Zend\Escaper

Code

public function escapeHtmlAttr($string) {
  $string = $this
    ->toUtf8($string);
  if ($string === '' || ctype_digit($string)) {
    return $string;
  }
  $result = preg_replace_callback('/[^a-z0-9,\\.\\-_]/iSu', $this->htmlAttrMatcher, $string);
  return $this
    ->fromUtf8($result);
}