Ampersands are not encoded within url tag

[ErikMinekus]

Code:

$code = new Decoda\Decoda('[url]http://milesj.me?a=b&c[/url]');
$code->defaults();
echo $code->parse();

Output:

<a href="http://milesj.me?a=b&amp;c">http://milesj.me?a=b&c</a>

As you can see the ampersand is correctly encoded within attributes, but not inside the content. Even though browsers render this correctly, it's not valid HTML.

[Amegatron]

It seems that the issue refers to Decoda's escaping function (\Decoda\Decoda::escape), which in fact only escapes brackets (< and >), but does not touch apersands.

[milesj]

Nice catch, should be an easy fix.