projects / selectricity-live / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
added the ability to add safe html tags to input (i.e., images)
[selectricity-live] / app / views / common / _pref_tables.rhtml
diff --git a/app/views/common/_pref_tables.rhtml b/app/views/common/_pref_tables.rhtml
index 7701985ec49b5e5a3c7a1ce965c410242e046c75..567873b594652cb624a32ed3faeb6d6d503a84b0 100644 (file)
--- a/app/views/common/_pref_tables.rhtml
+++ b/app/views/common/_pref_tables.rhtml
@@ -14,13 +14,13 @@ top of the left column.</p>
   <tr>
        <td></td>
        <% candidates.each do |candidate| -%>
-         <th><%=h @names[candidate] -%></th>
+         <th><%= white_list(@names[candidate]) -%></th>
   <% end -%>
  </tr>
 
 <% candidates.each do |winner| -%>
   <tr>
-       <th><%=h @names[winner] %></th>
+       <th><%= white_list(@names[winner]) %></th>
   <% candidates.each do |loser| -%> 
     <% if winner == loser -%>
       <td> -- </td>
@@ -46,10 +46,10 @@ parenthesis.</p>
 <table class="preftable">
   <% candidates.each do |victor| %>
   <tr>
-    <th><%=h @names[victor] %></th>
+    <th><%= white_list(@names[victor]) %></th>
        <% victories[victor].keys.each do |loser| %>
        <% margin = victories[victor][loser]%>
-       <td><%=h @names[loser] %> 
+       <td><%= white_list(@names[loser]) %> 
            <% if margin == 0%>
                  Tied!
                <% else -%>
Voting machinery for the masses!

Benjamin Mako Hill || Want to submit a patch?