X-Git-Url: https://projects.mako.cc/source/selectricity-live/blobdiff_plain/257d5a4c8c02d7b001fbfbce4aaced9f9937ff61..58fb91dde4b0a16c1a764dda66e31bc57565e41f:/app/controllers/quickvote_controller.rb diff --git a/app/controllers/quickvote_controller.rb b/app/controllers/quickvote_controller.rb index 5b3acab..bb60b45 100644 --- a/app/controllers/quickvote_controller.rb +++ b/app/controllers/quickvote_controller.rb @@ -14,7 +14,7 @@ class QuickvoteController < ApplicationController @quickvote = QuickVote.new(params[:quickvote]) # store the candidate grabbed through ajax and stored in flash @quickvote.candidatelist = flash[:candlist] - @quickvote.description=CGI.escapeHTML(@quickvote.description) + @quickvote.description=@quickvote.description # try to save, if it fails, show the page again (the flash should # still be intact if @quickvote.save @@ -33,7 +33,7 @@ class QuickvoteController < ApplicationController end def add_candidate - candidate_name = CGI.escapeHTML(params[:ajax][:newcandidate]) + candidate_name = params[:ajax][:newcandidate] unless candidate_name.strip.empty? if flash.has_key?(:candlist) and flash[:candlist].instance_of?(Array) flash[:candlist] << candidate_name unless flash[:candlist].index(candidate_name)