From 05ebc5a6269dd2469a0acff8a487600d0c922f43 Mon Sep 17 00:00:00 2001
From: CauseFX
Date: Wed, 11 May 2022 13:41:58 -0700
Subject: [PATCH] limit bookmark name and category to char 50
---
 api/plugins/bookmark/plugin.php | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/api/plugins/bookmark/plugin.php b/api/plugins/bookmark/plugin.php
index 5f176c3b2..11bf2f784 100644
--- a/api/plugins/bookmark/plugin.php
+++ b/api/plugins/bookmark/plugin.php
@@ -575,6 +575,9 @@ public function _addTab($array)
 $this->setAPIResponse('error', 'Tab name: ' . $array['name'] . ' is already taken', 409);
 return false;
 }
+ if (!$this->qualifyLength($array['name'], 50, true)) {
+ return false;
+ }
 } else {
 $this->setAPIResponse('error', 'Tab name was not supplied', 422);
 return false;
@@ -646,6 +649,9 @@ public function _updateTab($id, $array)
 $this->setAPIResponse('error', 'Tab name: ' . $array['name'] . ' is already taken', 409);
 return false;
 }
+ if (!$this->qualifyLength($array['name'], 50, true)) {
+ return false;
+ }
 }
 if (array_key_exists('background_color', $array)) {
 $array['background_color'] = $this->sanitizeUserString($array['background_color']);
@@ -887,6 +893,9 @@ public function _addCategory($array)
 $this->setAPIResponse('error', 'Category name: ' . $array['category'] . ' is already taken', 409);
 return false;
 }
+ if (!$this->qualifyLength($array['category'], 50, true)) {
+ return false;
+ }
 } else {
 $this->setAPIResponse('error', 'Category name was not supplied', 422);
 return false;
@@ -930,6 +939,9 @@ public function _updateCategory($id, $array)
 $this->setAPIResponse('error', 'Category name: ' . $array['category'] . ' is already taken', 409);
 return false;
 }
+ if (!$this->qualifyLength($array['category'], 50, true)) {
+ return false;
+ }
 }
 if (array_key_exists('default', $array)) {
 if ($array['default']) {
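Review bot: The new length check in `_addTab` sits after the "is already taken" branch, so an over-long `$array['name']` has already been used by whatever decides that branch (its condition is outside the hunk) before it is rejected. Bounds checks on request input belong ahead of any other use of the value, so `if (!$this->qualifyLength($array['name'], 50, true)) { return false; }` should be the first statement of the name branch. The same ordering applies to the hunks in `_updateTab`, `_addCategory` and `_updateCategory`. The failure path returns `false` without calling `setAPIResponse`, which presumably relies on the third argument `true` making `qualifyLength` set the error response itself; its definition is not in this diff, so confirm that, and that it counts characters rather than bytes as the commit title ("char 50") implies. The literal `50` is repeated four times and would be easier to keep consistent as one class constant; all four enclosing functions start and end outside their hunks.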