From 349597c8b7e582a5f2f62150949b8723079106d4 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@owncloud.com>
Date: Sun, 15 Apr 2012 15:53:30 +0200
Subject: [PATCH] Bookmarks: handle input with & and ?, fixes oc-201

---
 js/bookmarks.js | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/js/bookmarks.js b/js/bookmarks.js
index 9502af0a..16ed14c8 100644
--- a/js/bookmarks.js
+++ b/js/bookmarks.js
@@ -3,7 +3,7 @@ var bookmarks_loading = false;
 
 var bookmarks_sorting = 'bookmarks_sorting_recent';
 
-$(document).ready(function() {	
+$(document).ready(function() {
 	$('#bookmark_add_submit').click(addOrEditBookmark);
 	$(window).resize(function () {
 		fillWindow($('.bookmarks_list'));
@@ -18,10 +18,10 @@ function getBookmarks() {
 		//have patience :)
 		return;
 	}
-	
+
 	$.ajax({
 		url: 'ajax/updateList.php',
-		data: 'tag=' + encodeURI($('#bookmarkFilterTag').val()) + '&page=' + bookmarks_page + '&sort=' + bookmarks_sorting,
+		data: 'tag=' + encodeURIComponent($('#bookmarkFilterTag').val()) + '&page=' + bookmarks_page + '&sort=' + bookmarks_sorting,
 		success: function(bookmarks){
 			if (bookmarks.data.length) {
 				bookmarks_page += 1;
@@ -29,7 +29,7 @@ function getBookmarks() {
 			$('.bookmark_link').unbind('click', recordClick);
 			$('.bookmark_delete').unbind('click', delBookmark);
 			$('.bookmark_edit').unbind('click', showBookmark);
-	
+
 			for(var i in bookmarks.data) {
 				updateBookmarksList(bookmarks.data[i]);
 				$("#firstrun").hide();
@@ -41,13 +41,13 @@ function getBookmarks() {
 			$('.bookmark_link').click(recordClick);
 			$('.bookmark_delete').click(delBookmark);
 			$('.bookmark_edit').click(showBookmark);
-			
+
 			bookmarks_loading = false;
 			if (bookmarks.data.length) {
 				updateOnBottom()
 			}
 		}
-	});	
+	});
 }
 
 // function addBookmark() {
@@ -60,13 +60,13 @@ function addOrEditBookmark(event) {
 	var title = encodeEntities($('#bookmark_add_title').val());
 	var tags = encodeEntities($('#bookmark_add_tags').val());
 	$("#firstrun").hide();
-	
+
 	if (id == 0) {
 		$.ajax({
 			url: 'ajax/addBookmark.php',
-			data: 'url=' + encodeURI(url) + '&title=' + encodeURI(title) + '&tags=' + encodeURI(tags),
-			success: function(response){ 
-				$('.bookmarks_input').val(''); 
+			data: 'url=' + encodeURIComponent(url) + '&title=' + encodeURIComponent(title) + '&tags=' + encodeURIComponent(tags),
+			success: function(response){
+				$('.bookmarks_input').val('');
 				$('.bookmarks_list').empty();
 				bookmarks_page = 0;
 				getBookmarks();
@@ -76,8 +76,8 @@ function addOrEditBookmark(event) {
 	else {
 		$.ajax({
 			url: 'ajax/editBookmark.php',
-			data: 'id=' + id + '&url=' + encodeURI(url) + '&title=' + encodeURI(title) + '&tags=' + encodeURI(tags),
-			success: function(){ 
+			data: 'id=' + id + '&url=' + encodeURIComponent(url) + '&title=' + encodeURIComponent(title) + '&tags=' + encodeURIComponent(tags),
+			success: function(){
 				$('.bookmarks_input').val('');
 				$('#bookmark_add_id').val('0');
 				$('.bookmarks_list').empty();
@@ -86,14 +86,14 @@ function addOrEditBookmark(event) {
 			}
 		});
 	}
-	
+
 }
 
 function delBookmark(event) {
 	var record = $(this).parent().parent();
 	$.ajax({
 		url: 'ajax/delBookmark.php',
-		data: 'url=' + encodeURI($(this).parent().parent().children('.bookmark_url:first').text()),
+		data: 'url=' + encodeURIComponent($(this).parent().parent().children('.bookmark_url:first').text()),
 		success: function(data){
 			record.remove();
 			if($('.bookmarks_list').is(':empty')) {
@@ -109,7 +109,7 @@ function showBookmark(event) {
 	$('#bookmark_add_url').val(record.children('.bookmark_url:first').text());
 	$('#bookmark_add_title').val(record.children('.bookmark_title:first').text());
 	$('#bookmark_add_tags').val(record.children('.bookmark_tags:first').text());
-	
+
 	if ($('.bookmarks_add').css('display') == 'none') {
 		$('.bookmarks_add').slideToggle();
 	}
@@ -124,7 +124,7 @@ function updateBookmarksList(bookmark) {
 	var taglist = '';
 	for ( var i=0, len=tags.length; i<len; ++i ){
 		if(tags[i] != '')
-			taglist = taglist + '<a class="bookmark_tag" href="?tag=' + encodeURI(tags[i]) + '">' + tags[i] + '</a> ';
+			taglist = taglist + '<a class="bookmark_tag" href="?tag=' + encodeURIComponent(tags[i]) + '">' + tags[i] + '</a> ';
 	}
 	if(!hasProtocol(bookmark.url)) {
 		bookmark.url = 'http://' + bookmark.url;
@@ -165,8 +165,8 @@ function updateOnBottom() {
 function recordClick(event) {
 	$.ajax({
 		url: 'ajax/recordClick.php',
-		data: 'url=' + encodeURI($(this).attr('href')),
-	});	
+		data: 'url=' + encodeURIComponent($(this).attr('href')),
+	});
 }
 
 function encodeEntities(s){