escape quotes from strings

1 files changed, 8 insertions, 4 deletions

diff --git a/apps/Notes/helpers/noteActions.js b/apps/Notes/helpers/noteActions.js
index d934229..b0e06e1 100644
--- a/apps/Notes/helpers/noteActions.js
+++ b/apps/Notes/helpers/noteActions.js
@@ -2,6 +2,10 @@ import fetchJson from 'helpers/fetchJson'
 import saveFile from 'helpers/saveFile'
 import filename from '../helpers/fileName'
 
+const escape = t => t.replace(/"/g, '"').replace(/'/, ''')
+
+export const unescape = t => t.replace(/"/g, '"').replace(/'/, '\'')
+
 export const getNote = async (note, setFetchedNote, t, setPopup, callback) => {
   try {
     const { content } = await fetchJson(`/api/notes/${note.noteId}`)
@@ -18,8 +22,8 @@ export const getNote = async (note, setFetchedNote, t, setPopup, callback) => {
 }
 
 export const addNote = async (e, mutateNotes, setAction, t, setPopup) => {
-  const content = e.currentTarget.content.value
-  const title = e.currentTarget.title.value
+  const content = escape(e.currentTarget.content.value)
+  const title = escape(e.currentTarget.title.value)
 
   try {
     mutateNotes(
@@ -44,8 +48,8 @@ export const addNote = async (e, mutateNotes, setAction, t, setPopup) => {
 }
 
 export const updateNote = async (e, note, mutateNotes, setAction, t, setPopup) => {
-  const content = e.currentTarget.content.value
-  const title = e.currentTarget.title.value
+  const content = escape(e.currentTarget.content.value)
+  const title = escape(e.currentTarget.title.value)
   const { _id, noteId } = note
 
   try {