diff options
author | ArthurHoaro <arthur@hoa.ro> | 2015-11-22 15:47:41 +0100 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2015-11-22 15:47:41 +0100 |
commit | 739dc2434424cf8d420dda648efcb9ad690bdc6e (patch) | |
tree | 4e2d48f5636c9bd7ecd01f7a23f94f001ae66315 /index.php | |
parent | a5dd1772bd17090e502eb8d117cf4efeed524b1e (diff) | |
download | Shaarli-739dc2434424cf8d420dda648efcb9ad690bdc6e.tar.gz Shaarli-739dc2434424cf8d420dda648efcb9ad690bdc6e.tar.zst Shaarli-739dc2434424cf8d420dda648efcb9ad690bdc6e.zip |
Fixes #382: Bookmarklet can not retrieve title when there is a quotation mark in it
bookmarklet fields weren't correctly escaped
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -1611,11 +1611,11 @@ function renderPage() | |||
1611 | $link_is_new = true; | 1611 | $link_is_new = true; |
1612 | $linkdate = strval(date('Ymd_His')); | 1612 | $linkdate = strval(date('Ymd_His')); |
1613 | // Get title if it was provided in URL (by the bookmarklet). | 1613 | // Get title if it was provided in URL (by the bookmarklet). |
1614 | $title = (empty($_GET['title']) ? '' : $_GET['title'] ); | 1614 | $title = empty($_GET['title']) ? '' : escape($_GET['title']); |
1615 | // Get description if it was provided in URL (by the bookmarklet). [Bronco added that] | 1615 | // Get description if it was provided in URL (by the bookmarklet). [Bronco added that] |
1616 | $description = (empty($_GET['description']) ? '' : $_GET['description']); | 1616 | $description = empty($_GET['description']) ? '' : escape($_GET['description']); |
1617 | $tags = (empty($_GET['tags']) ? '' : $_GET['tags'] ); | 1617 | $tags = empty($_GET['tags']) ? '' : escape($_GET['tags']); |
1618 | $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0); | 1618 | $private = !empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0; |
1619 | // If this is an HTTP(S) link, we try go get the page to extract the title (otherwise we will to straight to the edit form.) | 1619 | // If this is an HTTP(S) link, we try go get the page to extract the title (otherwise we will to straight to the edit form.) |
1620 | if (empty($title) && strpos(get_url_scheme($url), 'http') !== false) { | 1620 | if (empty($title) && strpos(get_url_scheme($url), 'http') !== false) { |
1621 | // Short timeout to keep the application responsive | 1621 | // Short timeout to keep the application responsive |