Fixes #382: Bookmarklet can not retrieve title when there is a quotation mark in it

bookmarklet fields weren't correctly escaped
This commit is contained in:
ArthurHoaro 2015-11-22 15:47:41 +01:00 committed by Knah Tsaeb
parent f981ab8a17
commit a1c3e68e7a

View file

@ -1682,11 +1682,13 @@ function renderPage()
{
$link_is_new = true; // This is a new link
$linkdate = strval(date('Ymd_His'));
$title = (empty($_GET['title']) ? '' : $_GET['title'] ); // Get title if it was provided in URL (by the bookmarklet).
$description = (empty($_GET['description']) ? '' : '>'.$_GET['description']); // Get description if it was provided in URL (by the bookmarklet). [Bronco added that]
$tags = (empty($_GET['tags']) ? '' : $_GET['tags'] ); // Get tags if it was provided in URL
$via = (empty($_GET['via']) ? '' : $_GET['via'] );
$private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0); // Get private if it was provided in URL
// Get title if it was provided in URL (by the bookmarklet).
$title = empty($_GET['title']) ? '' : htmlspecialchars($_GET['title']);
// Get description if it was provided in URL (by the bookmarklet). [Bronco added that]
$description = (empty($_GET['description']) ? '' : htmlspecialchars($_GET['description']));
$tags = (empty($_GET['tags']) ? '' : htmlspecialchars($_GET['tags'] ));
$via = (empty($_GET['via']) ? '' : htmlspecialchars($_GET['via'] ));
$private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0);
if (($url!='') && parse_url($url,PHP_URL_SCHEME)=='') $url = 'http://'.$url;
// If this is an HTTP link, we try go get the page to extact the title (otherwise we will to straight to the edit form.)
if (empty($title) && parse_url($url,PHP_URL_SCHEME)=='http')