summaryrefslogtreecommitdiff
path: root/lib/scripts
diff options
context:
space:
mode:
Diffstat (limited to 'lib/scripts')
-rw-r--r--lib/scripts/edit.js12
1 files changed, 6 insertions, 6 deletions
diff --git a/lib/scripts/edit.js b/lib/scripts/edit.js
index ada70194d..077069a5a 100644
--- a/lib/scripts/edit.js
+++ b/lib/scripts/edit.js
@@ -338,7 +338,7 @@ function changeCheck(msg){
var dwform = $('dw__editform');
if(dwform){
var params = 'call=draftdel';
- params += '&id='+dwform.elements.id.value;
+ params += '&id='+encodeURIComponent(dwform.elements.id.value);
var sackobj = new sack(DOKU_BASE + 'lib/exe/ajax.php');
sackobj.AjaxFailedAlert = '';
@@ -499,13 +499,13 @@ var locktimer = new locktimer_class();
var now = new Date();
// refresh every minute only
if(now.getTime() - locktimer.lasttime.getTime() > 30*1000){ //FIXME decide on time
- var params = 'call=lock&id='+encodeURI(locktimer.pageid);
+ var params = 'call=lock&id='+encodeURIComponent(locktimer.pageid);
if(locktimer.draft){
var dwform = $('dw__editform');
- params += '&prefix='+encodeURI(dwform.elements.prefix.value);
- params += '&wikitext='+encodeURI(dwform.elements.wikitext.value);
- params += '&suffix='+encodeURI(dwform.elements.suffix.value);
- params += '&date='+encodeURI(dwform.elements.date.value);
+ params += '&prefix='+encodeURIComponent(dwform.elements.prefix.value);
+ params += '&wikitext='+encodeURIComponent(dwform.elements.wikitext.value);
+ params += '&suffix='+encodeURIComponent(dwform.elements.suffix.value);
+ params += '&date='+encodeURIComponent(dwform.elements.date.value);
}
locktimer.sack.runAJAX(params);
locktimer.lasttime = now;
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-11 07:15:15 +0000