X-Git-Url: https://projects.mako.cc/source/selectricity/blobdiff_plain/91f41ab40bb4f7508ba7b09e128fa7f0029e1523..05b5b421b24810c17b05c7aaca08a93c4ececad5:/app/controllers/quickvote_controller.rb?ds=inline
diff --git a/app/controllers/quickvote_controller.rb b/app/controllers/quickvote_controller.rb
index a365171..4783eb2 100644
--- a/app/controllers/quickvote_controller.rb
+++ b/app/controllers/quickvote_controller.rb
@@ -15,7 +15,7 @@ class QuickvoteController < ApplicationController
 # store the candidate grabbed through ajax and stored in flash
 @quickvote.candidatelist = flash[:candlist]
-
+ @quickvote.description=CGI.escapeHTML(@quickvote.description)
 # try to save, if it fails, show the page again (the flash should
 # still be intact
 if @quickvote.save
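Review bot: The added `@quickvote.description=CGI.escapeHTML(@quickvote.description)` escapes at write time, so the database holds HTML-encoded text; per the comment just below it, a failed save shows the page again, and a resubmission of the already-escaped value would presumably be encoded a second time (`&amp;amp;`). It also covers only this one write path and only HTML body context, so any other code that sets description, or a view that places it in an attribute or script, is not protected, and `CGI.escapeHTML` raises if description is nil (whether it can be nil here is not visible). I would store the raw value and escape where it is rendered, e.g. `<%=h @quickvote.description %>` in the view, and check that the candidate names taken from `flash[:candlist]` on the line above get the same treatment at output. The enclosing action starts and ends outside the hunk.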