This repository has been archived by the owner on Nov 4, 2020. It is now read-only.

Sanitize query params #16

Open
PirminTapken opened this issue Sep 12, 2014 · 0 comments

Comments

@PirminTapken
Contributor

query: TracLinks and the [[TicketQuery]] macro both use a mini “query language” for specifying query filters. Basically, the filters are separated by ampersands (&). Each filter then consists of the ticket field name, an operator, and one or more values. Multiple values are separated by a pipe (|), meaning that the filter matches any of the values. To include a literal & or | in a value, escape the character with a backslash (\).

According to the last sentence, & and | are not allowed to occur in search strings. We should have safeguards against this and escape those.

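The escaping the issue asks for, as an added example that is not part of the issue or of this project's code. It builds a TicketQuery filter string from structured input, backslash-escapes `&` and `|` in every value exactly as the quoted Trac text specifies, and includes a parser that splits only on unescaped separators so the round trip can be checked. The function names (`escape_value`, `build_query`, `parse_query`) are hypothetical, and the operator list is taken from the Trac query documentation (`=`, `~=`, `^=`, `$=` and their `!` negations); the sample inputs are constructed.

```python
import re

# In the TracQuery mini-language quoted above, '&' separates filters and
# '|' separates alternative values. The docs say a literal '&' or '|' in a
# value is written with a leading backslash; nothing else is escaped.

# Operators documented for TracQuery filters (assumption: this list is complete).
_OPERATORS = {"=", "~=", "^=", "$=", "!=", "!~=", "!^=", "!$="}
_FIELD_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
# One filter: field name, operator, raw (still escaped) value text.
_FILTER_RE = re.compile(r"^([A-Za-z_][A-Za-z0-9_]*)(!?[~^$]?=)(.*)$", re.DOTALL)


def escape_value(value: str) -> str:
    """Backslash-escape the two documented metacharacters in a filter value."""
    return value.replace("&", r"\&").replace("|", r"\|")


def unescape_value(value: str) -> str:
    """Inverse of escape_value: turn '\\&' and '\\|' back into '&' and '|'."""
    return value.replace(r"\&", "&").replace(r"\|", "|")


def build_query(filters) -> str:
    """Build a TicketQuery filter string from (field, operator, [values]) tuples.

    Field names and operators are validated against a whitelist and every
    value is escaped, so user-supplied text cannot add or alter filters.
    """
    parts = []
    for field, op, values in filters:
        if not _FIELD_RE.fullmatch(field):
            raise ValueError(f"invalid field name: {field!r}")
        if op not in _OPERATORS:
            raise ValueError(f"invalid operator: {op!r}")
        if not values:
            raise ValueError(f"filter on {field!r} has no values")
        parts.append(field + op + "|".join(escape_value(str(v)) for v in values))
    return "&".join(parts)


def _split_unescaped(text: str, sep: str):
    """Split on sep, ignoring occurrences preceded by a backslash."""
    return re.split(r"(?<!\\)" + re.escape(sep), text)


def parse_query(query: str):
    """Parse a filter string back into (field, operator, [values]) tuples.

    This mirrors the documented rules (split on unescaped '&' and '|'); it is
    a checking aid for this example, not Trac's own parser.
    """
    result = []
    for part in _split_unescaped(query, "&"):
        m = _FILTER_RE.match(part)
        if not m:
            raise ValueError(f"cannot parse filter: {part!r}")
        field, op, raw = m.groups()
        result.append((field, op, [unescape_value(v) for v in _split_unescaped(raw, "|")]))
    return result


if __name__ == "__main__":
    # Constructed "user input" that would smuggle a second filter if pasted raw.
    user_input = "foo&status=closed"
    naive = "summary=" + user_input           # 2 filters: summary=foo, status=closed
    safe = build_query([("summary", "=", [user_input])])  # 1 filter, value kept literal
    print(naive, "->", parse_query(naive))
    print(safe, "->", parse_query(safe))
```

Only `&` and `|` are escaped because those are the only escapes the quoted documentation defines; a value that itself ends in a backslash (so that the joined string contains `\&`) is therefore still ambiguous under these rules, and a caller who needs such values must reject or strip a trailing backslash before calling `build_query`.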