From e6bdd256675f86cb3335f0491a3b41b7f4bf90fd Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Thu, 25 Aug 2011 13:51:48 +0200 Subject: [PATCH] fix: links with parameters get cut off at & --- apps/bookmarks/ajax/addBookmark.php | 6 +++--- apps/bookmarks/ajax/delBookmark.php | 2 +- apps/bookmarks/ajax/getMeta.php | 2 +- apps/bookmarks/ajax/recordClick.php | 2 +- apps/bookmarks/ajax/updateList.php | 2 +- apps/bookmarks/bookmarksHelper.php | 2 +- apps/bookmarks/js/bookmarks.js | 2 +- apps/bookmarks/templates/list.php | 2 +- 8 files changed, 10 insertions(+), 10 deletions(-) diff --git a/apps/bookmarks/ajax/addBookmark.php b/apps/bookmarks/ajax/addBookmark.php index d066b0b32ff..78913f7a132 100644 --- a/apps/bookmarks/ajax/addBookmark.php +++ b/apps/bookmarks/ajax/addBookmark.php @@ -51,9 +51,9 @@ $query = OC_DB::prepare(" $params=array( - urldecode($_GET["url"]), - urldecode($_GET["title"]), - urldecode($_GET["description"]), + htmlspecialchars_decode($_GET["url"]), + htmlspecialchars_decode($_GET["title"]), + htmlspecialchars_decode($_GET["description"]), OC_User::getUser() ); $query->execute($params); diff --git a/apps/bookmarks/ajax/delBookmark.php b/apps/bookmarks/ajax/delBookmark.php index 99a618a7d14..bf1611fe5c1 100644 --- a/apps/bookmarks/ajax/delBookmark.php +++ b/apps/bookmarks/ajax/delBookmark.php @@ -36,7 +36,7 @@ if( !OC_User::isLoggedIn()){ } $params=array( - urldecode($_GET["url"]), + htmlspecialchars_decode($_GET["url"]), OC_User::getUser() ); diff --git a/apps/bookmarks/ajax/getMeta.php b/apps/bookmarks/ajax/getMeta.php index dadf23afd91..e9fe0d684dc 100644 --- a/apps/bookmarks/ajax/getMeta.php +++ b/apps/bookmarks/ajax/getMeta.php @@ -38,7 +38,7 @@ if( !OC_User::isLoggedIn()){ // $metadata = array(); require '../bookmarksHelper.php'; +$metadata = getURLMetadata(htmlspecialchars_decode($_GET["url"])); -$metadata = getURLMetadata(urldecode($_GET["url"])); echo json_encode( array( 'status' => 'success', 'data' => $metadata)); diff --git a/apps/bookmarks/ajax/recordClick.php b/apps/bookmarks/ajax/recordClick.php index 4dcb0b4a0df..116daea8bbb 100644 --- a/apps/bookmarks/ajax/recordClick.php +++ b/apps/bookmarks/ajax/recordClick.php @@ -40,7 +40,7 @@ $query = OC_DB::prepare(" AND url LIKE ? "); -$params=array(OC_User::getUser(), urldecode($_GET["url"])); +$params=array(OC_User::getUser(), htmlspecialchars_decode($_GET["url"])); $bookmarks = $query->execute($params); header( "HTTP/1.1 204 No Content" ); diff --git a/apps/bookmarks/ajax/updateList.php b/apps/bookmarks/ajax/updateList.php index 61983cc0f5b..ceecc5b7efa 100644 --- a/apps/bookmarks/ajax/updateList.php +++ b/apps/bookmarks/ajax/updateList.php @@ -39,7 +39,7 @@ $params=array(OC_User::getUser()); $CONFIG_DBTYPE = OC_Config::getValue( 'dbtype', 'sqlite' ); //Filter for tag? -$filterTag = isset($_GET['tag']) ? '%' . urldecode($_GET['tag']) . '%' : false; +$filterTag = isset($_GET['tag']) ? '%' . htmlspecialchars_decode($_GET['tag']) . '%' : false; if($filterTag){ $sqlFilterTag = 'HAVING tags LIKE ?'; $params[] = $filterTag; diff --git a/apps/bookmarks/bookmarksHelper.php b/apps/bookmarks/bookmarksHelper.php index 383a8ddd565..aee941a27b9 100644 --- a/apps/bookmarks/bookmarksHelper.php +++ b/apps/bookmarks/bookmarksHelper.php @@ -11,7 +11,7 @@ function getURLMetadata($url) { $page = file_get_contents($url); @preg_match( "/(.*)<\/title>/si", $page, $match ); - $metadata['title'] = htmlentities(strip_tags(@$match[1])); + $metadata['title'] = htmlspecialchars_decode(@$match[1]); $meta = get_meta_tags($url); diff --git a/apps/bookmarks/js/bookmarks.js b/apps/bookmarks/js/bookmarks.js index 760ae96b9e6..ac87d967be8 100644 --- a/apps/bookmarks/js/bookmarks.js +++ b/apps/bookmarks/js/bookmarks.js @@ -48,7 +48,7 @@ function getMetadata() { var url = encodeEntities($('#bookmark_add_url').val()) $.ajax({ url: 'ajax/getMeta.php', - data: 'url=' + encodeURI(url), + data: 'url=' + encodeURIComponent(url), success: function(pageinfo){ $('#bookmark_add_url').val(pageinfo.data.url); $('#bookmark_add_description').val(pageinfo.data.description); diff --git a/apps/bookmarks/templates/list.php b/apps/bookmarks/templates/list.php index a2c89b310a2..4f101d44f90 100644 --- a/apps/bookmarks/templates/list.php +++ b/apps/bookmarks/templates/list.php @@ -2,7 +2,7 @@ <h2 class="bookmarks_headline"><?php echo isset($_GET["tag"]) ? 'Bookmarks with tag: ' . urldecode($_GET["tag"]) : 'All bookmarks'; ?></h2> <div class="bookmarks_menu"> <input type="button" class="bookmarks_addBtn" value="Add Bookmark"/>  - <a class="bookmarks_addBml" href="javascript:var url = encodeURI(location.href);window.open('<?php echo (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . OC_Helper::linkTo('bookmarks', 'addBm.php'); ?>?url='+url, 'owncloud-bookmarks');" title="Drag this to your browser bookmarks and click it, when you want to bookmark a webpage.">Add page to ownCloud</a> + <a class="bookmarks_addBml" href="javascript:var url = encodeURIComponent(location.href);window.open('<?php echo (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . OC_Helper::linkTo('bookmarks', 'addBm.php'); ?>?url='+url, 'owncloud-bookmarks');" title="Drag this to your browser bookmarks and click it, when you want to bookmark a webpage.">Add page to ownCloud</a> </div> <div class="bookmarks_add"> <p><label class="bookmarks_label">Address</label><input type="text" id="bookmark_add_url" class="bookmarks_input" /></p> -- 2.39.5