fix: links with parameters get cut off at &

diff --git a/apps/bookmarks/ajax/addBookmark.php b/apps/bookmarks/ajax/addBookmark.php
index d066b0b32ff5ad13550e3e44feace68a044cf09d..78913f7a13248a861e0658ba377b11f6f2ac0dcd 100644 (file)
--- a/apps/bookmarks/ajax/addBookmark.php
+++ b/apps/bookmarks/ajax/addBookmark.php
@@ -51,9 +51,9 @@ $query = OC_DB::prepare("
        
        
 $params=array(
-       urldecode($_GET["url"]),
-       urldecode($_GET["title"]),
-       urldecode($_GET["description"]),
+       htmlspecialchars_decode($_GET["url"]),
+       htmlspecialchars_decode($_GET["title"]),
+       htmlspecialchars_decode($_GET["description"]),
        OC_User::getUser()
        );
 $query->execute($params);

diff --git a/apps/bookmarks/ajax/delBookmark.php b/apps/bookmarks/ajax/delBookmark.php
index 99a618a7d14aa61fd6268c300af8266b687381e9..bf1611fe5c1fff4d6dda7ce6155fd53bfd8d3251 100644 (file)
--- a/apps/bookmarks/ajax/delBookmark.php
+++ b/apps/bookmarks/ajax/delBookmark.php
@@ -36,7 +36,7 @@ if( !OC_User::isLoggedIn()){
 }
 
 $params=array(
-       urldecode($_GET["url"]),
+       htmlspecialchars_decode($_GET["url"]),
        OC_User::getUser()
        );
 

diff --git a/apps/bookmarks/ajax/getMeta.php b/apps/bookmarks/ajax/getMeta.php
index dadf23afd9172cd8c386b99939d89b4bf319bd63..e9fe0d684dcc8fdbc27b553eb911b4a78c351b2e 100644 (file)
--- a/apps/bookmarks/ajax/getMeta.php
+++ b/apps/bookmarks/ajax/getMeta.php
@@ -38,7 +38,7 @@ if( !OC_User::isLoggedIn()){
 // $metadata = array();
 
 require '../bookmarksHelper.php';
+$metadata = getURLMetadata(htmlspecialchars_decode($_GET["url"]));
 
-$metadata = getURLMetadata(urldecode($_GET["url"]));
 
 echo json_encode( array( 'status' => 'success', 'data' => $metadata));

diff --git a/apps/bookmarks/ajax/recordClick.php b/apps/bookmarks/ajax/recordClick.php
index 4dcb0b4a0df1c3fadfbb026529fabc75d5c79b71..116daea8bbb593267025e5caa611f07a065dc3d8 100644 (file)
--- a/apps/bookmarks/ajax/recordClick.php
+++ b/apps/bookmarks/ajax/recordClick.php
@@ -40,7 +40,7 @@ $query = OC_DB::prepare("
                AND url LIKE ?
        ");
        
-$params=array(OC_User::getUser(), urldecode($_GET["url"]));
+$params=array(OC_User::getUser(), htmlspecialchars_decode($_GET["url"]));
 $bookmarks = $query->execute($params);
 
 header( "HTTP/1.1 204 No Content" );

diff --git a/apps/bookmarks/ajax/updateList.php b/apps/bookmarks/ajax/updateList.php
index 61983cc0f5bac2c7be98d39cec910babb85dac06..ceecc5b7efaa80c12857f93f1181a6614dc5f9b6 100644 (file)
--- a/apps/bookmarks/ajax/updateList.php
+++ b/apps/bookmarks/ajax/updateList.php
@@ -39,7 +39,7 @@ $params=array(OC_User::getUser());
 $CONFIG_DBTYPE = OC_Config::getValue( 'dbtype', 'sqlite' );
 
 //Filter for tag?
-$filterTag = isset($_GET['tag']) ? '%' . urldecode($_GET['tag']) . '%' : false;
+$filterTag = isset($_GET['tag']) ? '%' . htmlspecialchars_decode($_GET['tag']) . '%' : false;
 if($filterTag){
        $sqlFilterTag = 'HAVING tags LIKE ?';
        $params[] = $filterTag;

diff --git a/apps/bookmarks/bookmarksHelper.php b/apps/bookmarks/bookmarksHelper.php
index 383a8ddd565539bec7268a97cddc911ce722a682..aee941a27b95ea69e2526512bd612e127c9c9221 100644 (file)
--- a/apps/bookmarks/bookmarksHelper.php
+++ b/apps/bookmarks/bookmarksHelper.php
@@ -11,7 +11,7 @@ function getURLMetadata($url) {
 
        $page = file_get_contents($url);
        @preg_match( "/<title>(.*)<\/title>/si", $page, $match );
-       $metadata['title'] = htmlentities(strip_tags(@$match[1])); 
+       $metadata['title'] = htmlspecialchars_decode(@$match[1]); 
 
        $meta = get_meta_tags($url);
 

diff --git a/apps/bookmarks/js/bookmarks.js b/apps/bookmarks/js/bookmarks.js
index 760ae96b9e64c3c59122755e38ba3cfe0f3f8484..ac87d967be81e902273306b4a2d99ad12d00fa07 100644 (file)
--- a/apps/bookmarks/js/bookmarks.js
+++ b/apps/bookmarks/js/bookmarks.js
@@ -48,7 +48,7 @@ function getMetadata() {
        var url = encodeEntities($('#bookmark_add_url').val())
        $.ajax({
                url: 'ajax/getMeta.php',
-               data: 'url=' + encodeURI(url),
+               data: 'url=' + encodeURIComponent(url),
                success: function(pageinfo){
                        $('#bookmark_add_url').val(pageinfo.data.url);
                        $('#bookmark_add_description').val(pageinfo.data.description);

diff --git a/apps/bookmarks/templates/list.php b/apps/bookmarks/templates/list.php
index a2c89b310a2950b7b9d06a59e0bafdb6acd54cb6..4f101d44f90d773a53df3e4a11b013668857a647 100644 (file)
--- a/apps/bookmarks/templates/list.php
+++ b/apps/bookmarks/templates/list.php
@@ -2,7 +2,7 @@
 <h2 class="bookmarks_headline"><?php echo isset($_GET["tag"]) ? 'Bookmarks with tag: ' . urldecode($_GET["tag"]) : 'All bookmarks'; ?></h2>
 <div class="bookmarks_menu">
        <input type="button" class="bookmarks_addBtn" value="Add Bookmark"/>&nbsp;
-       <a class="bookmarks_addBml" href="javascript:var url = encodeURI(location.href);window.open('<?php echo (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . OC_Helper::linkTo('bookmarks', 'addBm.php'); ?>?url='+url, 'owncloud-bookmarks');" title="Drag this to your browser bookmarks and click it, when you want to bookmark a webpage.">Add page to ownCloud</a>
+       <a class="bookmarks_addBml" href="javascript:var url = encodeURIComponent(location.href);window.open('<?php echo (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . OC_Helper::linkTo('bookmarks', 'addBm.php'); ?>?url='+url, 'owncloud-bookmarks');" title="Drag this to your browser bookmarks and click it, when you want to bookmark a webpage.">Add page to ownCloud</a>
 </div>
 <div class="bookmarks_add">
        <p><label class="bookmarks_label">Address</label><input type="text" id="bookmark_add_url" class="bookmarks_input" /></p>