fix

Author: cunla

firebase.json

@@ -1,4 +1,7 @@
 {
+  "firestore": {
+    "rules": "firestore.rules"
+  },
   "hosting": {
     "public": "www/browser",
     "ignore": [

firestore.rules

@@ -0,0 +1,8 @@
+rules_version = '2';
+service cloud.firestore {
+  match /databases/{database}/documents {
+    match /users/{userId} {
+      allow read, write: if request.auth != null && request.auth.token.email == userId;
+    }
+  }
+}

src/app/auth/auth.service.ts

@@ -37,15 +37,17 @@ export class AuthService {
         try {
             await this.afAuth.createUserWithEmailAndPassword(email, password);
         } catch (e) {
-            alert('Error!' + e.message);
+            console.error('Signup error:', e);
+            alert('Sign up failed. Please check your details and try again.');
         }
     }
 
     async emailLogin(email: string, password: string) {
         try {
             await this.afAuth.signInWithEmailAndPassword(email, password);
         } catch (e) {
-            alert('Error!' + e.message);
+            console.error('Login error:', e);
+            alert('Login failed. Please check your email and password.');
         }
     }
 

src/app/today/today.page.ts

@@ -124,9 +124,15 @@ export class TodayPage implements OnInit {
         const startIndex = text.toLowerCase().indexOf(query.toLowerCase());
         if (startIndex !== -1) {
           const matchingString = text.substring(startIndex, query.length);
+          const escaped = matchingString
+            .replace(/&/g, '&')
+            .replace(/</g, '&lt;')
+            .replace(/>/g, '&gt;')
+            .replace(/"/g, '&quot;')
+            .replace(/'/g, '&#039;');
           text = text.replace(
             matchingString,
-            `<span (click)="unmark($event)" class="highlight">${matchingString}</span>`,
+            `<span class="highlight">${escaped}</span>`,
           );
         }
       });