From afe5b0cf8d0caa60ab19d2d66538eb3575686644 Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@bluestatic.org>
Date: Sat, 5 Nov 2005 21:07:19 +0000
Subject: [PATCH] Added entity_encode() and escape NOCLEAN strings if
 escapestrings is TRUE

---
 kernel.php | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/kernel.php b/kernel.php
index f160783..10da803 100644
--- a/kernel.php
+++ b/kernel.php
@@ -521,6 +521,20 @@ class Shared_Object_Framework
 		}
 	}
 	
+	/**
+	* Unicode-safe entity encoding system; similar to sanitize()
+	*
+	* @param	string	Unsanitized text
+	*
+	* @return	string	Unicode-safe sanitized text with entities preserved
+	*/
+	function entity_encode($text)
+	{
+		$text = str_replace('&', '&amp;', $text);
+		$text = $this->sanitize($text);
+		return $text;
+	}
+	
 	/**
 	* Takes text that has been processed for HTML and unsanitizes it
 	*
@@ -653,6 +667,10 @@ class Shared_Object_Framework
 		}
 		else if ($type == TYPE_NOCLEAN)
 		{
+			if ($this->escapestrings)
+			{
+				$value = $this->escape($value);
+			}
 		}
 		else
 		{
-- 
2.43.5