Check input on adding/editing addressbook.

apps/contacts/ajax/createaddressbook.php

@@ -15,7 +15,13 @@ OC_JSON::checkLoggedIn();
 OC_JSON::checkAppEnabled('contacts');
 
 $userid = OC_User::getUser();
-$bookid = OC_Contacts_Addressbook::add($userid, $_POST['name'], null);
+$name = trim(strip_tags($_POST['name']));
+if(!$name) {
+	OC_JSON::error(array('data' => array('message' => OC_Contacts_App::$l10n->t('Cannot add addressbook with an empty name.'))));
+	OC_Log::write('contacts','ajax/createaddressbook.php: Cannot add addressbook with an empty name.', OC_Log::ERROR);
+	exit();
+}
+$bookid = OC_Contacts_Addressbook::add($userid, $name, null);
 if(!$bookid) {
 	OC_JSON::error(array('data' => array('message' => $l->t('Error adding addressbook.'))));
 	OC_Log::write('contacts','ajax/createaddressbook.php: Error adding addressbook: '.$_POST['name'], OC_Log::ERROR);

apps/contacts/ajax/updateaddressbook.php

@@ -16,7 +16,14 @@ OC_JSON::checkAppEnabled('contacts');
 
 $bookid = $_POST['id'];
 
-if(!OC_Contacts_Addressbook::edit($bookid, $_POST['name'], null)) {
+$name = trim(strip_tags($_POST['name']));
+if(!$name) {
+	OC_JSON::error(array('data' => array('message' => OC_Contacts_App::$l10n->t('Cannot update addressbook with an empty name.'))));
+	OC_Log::write('contacts','ajax/updateaddressbook.php: Cannot update addressbook with an empty name.', OC_Log::ERROR);
+	exit();
+}
+	
+if(!OC_Contacts_Addressbook::edit($bookid, $name, null)) {
 	OC_JSON::error(array('data' => array('message' => $l->t('Error updating addressbook.'))));
 	OC_Log::write('contacts','ajax/updateaddressbook.php: Error adding addressbook: ', OC_Log::ERROR);
 	//exit();

apps/contacts/js/interface.js

@@ -124,9 +124,11 @@ Contacts={
 					url = OC.filePath('contacts', 'ajax', 'updateaddressbook.php');
 				}
 				$.post(url, { id: bookid, name: displayname, active: active, description: description },
-					function(data){
-						if(data.status == 'success'){
-							$(button).closest('tr').prev().html(data.page).show().next().remove();
+					function(jsondata){
+						if(jsondata.status == 'success'){
+							$(button).closest('tr').prev().html(jsondata.page).show().next().remove();
+						} else {
+							Contacts.UI.messageBox(t('contacts', 'Error'), jsondata.data.message);
 						}
 					});
 				Contacts.UI.Contacts.update();