add a bookmark and make the sql querie save
authorBanana <banana@starscream.de>
Thu, 16 Jun 2011 13:42:24 +0000 (15:42 +0200)
committerBanana <banana@starscream.de>
Thu, 16 Jun 2011 13:42:24 +0000 (15:42 +0200)
TODO
lib/Insipid/Bookmarks.pm
lib/Insipid/Main.pm
lib/Insipid/Tags.pm

diff --git a/TODO b/TODO
index bd6d5d5fa87fe83362778ea45bbe947347f527ce..7e4c9e6e0765b35870070cbc6d74ccbf35bd5532 100755 (executable)
--- a/TODO
+++ b/TODO
@@ -1,8 +1,6 @@
 For 1.0
 ==========================================================================
 - Quote marks screw up adding a bookmark
-- Move htaccess management into the configuration page
-
 
 Everything else
 ==========================================================================
index 25bbf52d4889ec5ff5f1c63c363b449e80c287c1..13c4fb082a524209aed5f5d26a7c122ddfc96cb3 100755 (executable)
@@ -85,7 +85,7 @@ sub add_bookmark {
        if($epoch eq 0) { $epoch = time; }
        $sth = $dbh->prepare($sql);
 
-       $sth->execute($url, $md5, $title, $description, $access_level, $epoch)
+       $sth->execute($url, $md5, $dbh->quote($title), $dbh->quote($description), $access_level, $epoch)
                or die $DBI::errstr;
        
        $icount++;
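Review bot: Wrapping `$title` and `$description` in `$dbh->quote()` before handing them to `execute()` will store the values with literal surrounding quote characters and doubled embedded quotes, because bind values are passed to the driver as data and are not re-parsed as SQL. The six bind arguments suggest that `$sql` (prepared outside this hunk) already uses `?` placeholders, which is the injection-safe form on its own, so the call should stay `$sth->execute($url, $md5, $title, $description, $access_level, $epoch)`. The same applies to `$sth->execute($dbh->quote($cur))` in set_tags, where the `values(?)` placeholder is visible: tag names stored with added quotes will presumably no longer match lookups done with the unquoted name. `quote()` is only needed where a value is interpolated into the SQL string itself, and those places are better converted to placeholders too.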
index 507a67c888330dc9f55125d9e3116ba26a4da2dc..04f55b7b6dc3ea1e88cb20cbf88a531392d157ba 100755 (executable)
@@ -54,6 +54,7 @@ use MIME::Base64;
 use LWP::UserAgent;
 use HTTP::Request;
 use HTTP::Response;
+use Data::Validate::URI qw(is_uri);
 
 my $NL = "<br />\n";
 my @valid;
@@ -294,6 +295,11 @@ IFORM
                                        print "URL or Title can not be empty";
                                        exit;
                                }
+                               
+                               if(!is_uri($url)) {
+                                       print "This is not a valid URL";
+                                       exit;
+                               }
 
                 if (defined(param('access_level'))) {
                     if (param('access_level') eq 'on') {
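Review bot: `is_uri($url)` checks only generic URI syntax, so schemes such as `javascript:` or `data:` pass this guard. If the stored URL is later written into a link `href` (the rendering code is not visible in this hunk), that leaves a stored script-injection path. Data::Validate::URI also provides `is_web_uri`, which accepts only http and https; consider `if(!is_web_uri($url)) {` here together with `use Data::Validate::URI qw(is_web_uri);` in the import hunk above, or an explicit scheme allowlist if other schemes must be bookmarkable. The enclosing block begins and ends outside the hunk.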
index 0a5148dcca9553e98b2972565fe7b0de4902b698..3b98a7ffae1160c47f5bbb1014cf87d3a813d820 100755 (executable)
@@ -304,7 +304,7 @@ sub set_tags {
            if ($tagcount < 1) {
                        my $sql = "insert into $tbl_tags (name) values(?)";
                        my $sth = $dbh->prepare($sql);
-                       $sth->execute($cur);
+                       $sth->execute($dbh->quote($cur));
            }
 
            # and fetch the tag ID
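Review bot: The result of `execute()` on the tag insert is not checked, unlike the `or die $DBI::errstr` used in add_bookmark. Unless RaiseError is enabled on the handle (not visible here), a failed insert goes unnoticed and the tag-ID fetch that follows would run against a row that was never written. Consider `$sth->execute($cur) or die $DBI::errstr;`, binding the plain value since the `?` placeholder already keeps it out of the SQL text. set_tags continues outside the hunk.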