<% %>
<% if @voter.election.shortdesc %>
- <h1><%= @voter.election.shortdesc %></h1>
+ <h1><%=h @voter.election.shortdesc %></h1>
<% else %>
<h1>QuickVote</h1>
<% end %>
<% if @voter.election.longdesc %>
<p><strong>Description:</strong></p>
- <blockquote><%= @voter.election.longdesc %></blockquote>
+ <blockquote><%=h @voter.election.longdesc %></blockquote>
<h2>Vote</h2>
<% end %>
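Review bot: The `<% if @voter.election.shortdesc %>` and `<% if @voter.election.longdesc %>` guards around the newly escaped output only test for nil, and an empty string is truthy in Ruby, so a description saved as `""` would render an empty `<h1>` or an empty Description blockquote instead of the fallback. If blank form fields are stored as empty strings (not visible here), `<% if !@voter.election.shortdesc.blank? %>` and the same for longdesc would cover both cases. The added `h` calls are the right escaping for HTML body text, but any other template that prints shortdesc, longdesc or candidate names needs the same treatment, which cannot be checked from this excerpt. The hunk boundaries are not marked on this page, and the template continues outside the lines shown.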
<p>You have already voted. You can:</p>
<ul>
- <li><%= link_to "Change your vote.", quickaction_url( :votename => @voter.election.name, :action => 'change' ) %></li>
+ <li><%= link_to "Change your vote.", quickaction_url( :ident => @voter.election.name, :action => 'change' ) %></li>
- <li><%= link_to "View election results.", quickaction_url( :votename => @voter.election.name, :action => 'results' ) %></li>
+ <li><%= link_to "View election results.", quickaction_url( :ident => @voter.election.name, :action => 'results' ) %></li>
</ul>
<% else %>
<ol id="rankings-list">
<% for ranking in @voter.vote.rankings %>
<li class="moveable" id="ranking_<%= ranking.candidate.id %>">
- <%= ranking.candidate.name.capitalize %></li>
+ <%=h ranking.candidate.name.capitalize %></li>
<% end %>
</ol>
</div>
<div class="clearbox"></div>
-<%= button_to "Confirm Vote", quickaction_url( :action => 'confirm', :votename => @voter.election.name) %>
+<%= button_to "Confirm Vote", quickaction_url( :action => 'confirm', :ident => @voter.election.name) %>
<%= sortable_element 'rankings-list',
:url => { :action => "sort_candidates" , :id => @voter.vote.id },