Escape all IDs in HTML.
[Sone.git] / src / main / resources / templates / include / viewPost.html
index f66fa54..adeb92a 100644 (file)
@@ -1,30 +1,30 @@
-<div id="<% post.id>" class="post">
+<div id="<% post.id|html>" class="post">
        <div>
-               <div class="author profile-link"><a href="viewSone.html?sone=<% post.sone.id>"><% post.sone.niceName|html></a></div>
+               <div class="author profile-link"><a href="viewSone.html?sone=<% post.sone.id|html>"><% post.sone.niceName|html></a></div>
                <div class="text"><% post.text|html></div>
        </div>
        <div class="status-line">
-               <div class="time"><a href="viewPost.html?post=<% post.id>"><% post.time|date format="MMM d, yyyy, HH:mm:ss"></a></div>
-               <%if post.sone.isCurrent><div class="delete"><a href="deletePost.html?post=<% post.id>"><%= View.Post.DeleteLink|l10n|html></a></div><%/if>
+               <div class="time"><a href="viewPost.html?post=<% post.id|html>"><% post.time|date format="MMM d, yyyy, HH:mm:ss"></a></div>
+               <%if post.sone.current><div class="delete"><a href="deletePost.html?post=<% post.id|html>"><%= View.Post.DeleteLink|l10n|html></a></div><%/if>
        </div>
        <div class="replies">
                <%foreach post.replies reply>
                        <div class="reply">
                                <div>
-                                       <div class="author profile-link"><a href="viewSone.html?sone=<% reply.sone.id>"><% reply.sone.niceName|html></a></div>
+                                       <div class="author profile-link"><a href="viewSone.html?sone=<% reply.sone.id|html>"><% reply.sone.niceName|html></a></div>
                                        <div class="text"><% reply.text|html></div>
                                </div>
                                <div class="status-line">
                                        <div class="time"><% reply.time|date format="MMM d, yyyy, HH:mm:ss"></div>
-                                       <%if reply.sone.isCurrent><div class="delete"><a href="deleteReply.html?reply=<% reply.id>"><%= View.Post.Reply.DeleteLink|l10n|html></a></div><%/if>
+                                       <%if reply.sone.current><div class="delete"><a href="deleteReply.html?reply=<% reply.id|html>"><%= View.Post.Reply.DeleteLink|l10n|html></a></div><%/if>
                                </div>
                        </div>
                <%/foreach>
                <div class="create-reply">
                        <form method="post" action="createReply.html">
                                <input type="hidden" name="formPassword" value="<% formPassword|html>" />
-                               <input type="hidden" name="post" value="<% post.id>" />
-                               <input type="text" class="create-reply" name="text" value="" />
+                               <input type="hidden" name="post" value="<% post.id|html>" />
+                               <input type="text" class="reply-input" name="text" value="" />
                                <button type="submit"><%= View.Post.SendReply|l10n|html></button>
                        </form>
                </div>
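Review bot: In the four `href` values (`viewSone.html?sone=`, `viewPost.html?post=`, `deletePost.html?post=`, `deleteReply.html?reply=`) the ID is placed in a URL query string, where `|html` only prevents attribute breakout. It does not percent-encode `&`, `#`, `+` or `%`, so an ID containing those would still change the parameter the handler receives. If the template engine offers a URL-encoding filter, apply it before `|html` on those links, e.g. `?post=<% post.id|URL_ENCODE_FILTER_PLACEHOLDER|html>`; whether IDs can contain such characters is not visible here, so validating the ID format server-side would cover the same gap. Separately, the two delete actions are plain GET links without the `formPassword` that the create-reply form carries, so unless the target pages confirm through a token-protected POST (not visible in this hunk) they should become forms with that hidden field. The template continues past the end of the hunk, so any further ID uses below it are not covered by this review.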