From a36a0d9dec8a3ba79501d2526d648e44306f0fdd Mon Sep 17 00:00:00 2001
From: Lars Hjemli <hjemli@gmail.com>
Date: Sun, 5 Oct 2008 12:49:46 +0200
Subject: html.c: add html_url_arg

This function can be used to properly escape querystring parameter values.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
---
 html.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'html.c')

diff --git a/html.c b/html.c
index 36e9a2f..167127f 100644
--- a/html.c
+++ b/html.c
@@ -128,6 +128,22 @@ void html_attr(char *txt)
 		html(txt);
 }
 
+void html_url_arg(char *txt)
+{
+	char *t = txt;
+	while(t && *t){
+		int c = *t;
+		if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') {
+			write(htmlfd, txt, t - txt);
+			write(htmlfd, fmt("%%%2x", c), 3);
+			txt = t+1;
+		}
+		t++;
+	}
+	if (t!=txt)
+		html(txt);
+}
+
 void html_hidden(char *name, char *value)
 {
 	html("<input type='hidden' name='");
-- 
cgit v1.2.3-59-g8ed1b