use Fcntl qw(:flock);
use strict;
-our @EXPORT = qw/HiddenFields Entity DecodeURI EncodeURI Entity include PLP_END
+our @EXPORT = qw/Entity DecodeURI EncodeURI include PLP_END
AddCookie ReadFile WriteFile AutoURL Counter Include exit/;
sub Include ($) {
push @PLP::END, shift;
}
-sub HiddenFields ($@) {
- my $hash = shift;
- my %saves;
- @saves{@_} = ();
- for (keys %$hash) {
- print qq{<input type=hidden name="$_" value="$hash->{$_}">}
- unless exists $saves{$_};
- }
-}
-
sub Entity (@) {
my $ref;
my @copy;
<: print Entity($user_input); :>
+Be warned that this function also HTMLizes consecutive whitespace and newlines (using and <br> respectively).
+For simple escaping, use L<XML::Quote>. To escape high-bit characters as well, use L<HTML::Entities>.
+
=item EncodeURI LIST
-Replaces characters by their %-encoded values.
+Encodes URI strings according to RFC 3986. All disallowed characters are replaced by their %-encoded values.
In void context, B<changes> the values of the given variables. In other contexts, returns the changed versions.
<a href="/foo.plp?name=<:= EncodeURI($name) :>">Link</a>
+Note that the following reserved characters are I<not> percent-encoded, even though they may have a special meaning in URIs:
+
+ / ? : @ $
+
+This should be safe for escaping query values (as in the example above), but it may be a better idea to use L<URI::Escape> instead.
+
=item DecodeURI LIST
-Decodes %-encoded strings.
+Decodes %-encoded strings. Unlike L<URI::Escape>, it also translates + characters to spaces (as browsers use those).
In void context, B<changes> the values of the given variables. In other contexts, returns the changed versions.
Juerd Waalboer <juerd@cpan.org>
+Current maintainer: Mischa POSLAWSKY <shiar@cpan.org>
+
=cut