<p>The OpenStreetMap database is currently in read-only mode while
essential database maintenance work is carried out.
</p>
+<% elsif !@user.data_public? %>
+<p>You haven't set your edits to be public.</p>
+<p>You can't use the online editor unless you do so. You can set your edits as public from your
+<%= link_to 'user page', {:controller => 'user', :action => 'account', :display_name => @user.display_name}%>.</p>
+<p>(<a href="http://wiki.openstreetmap.org/index.php/Disabling_anonymous_edits">Find out why this is the case.</a>)</p>
<% else %>
<% content_for :greeting do %>
<% if @user and !@user.home_lon.nil? and !@user.home_lat.nil? %>
<% session[:token] = @user.tokens.create.token unless session[:token] %>
<% if params['mlon'] and params['mlat'] %>
-<% lon = params['mlon'] %>
-<% lat = params['mlat'] %>
-<% zoom = params['zoom'] || '12' %>
+<% lon = h(params['mlon']) %>
+<% lat = h(params['mlat']) %>
+<% zoom = h(params['zoom'] || '12') %>
<% elsif @user and params['lon'].nil? and params['lat'].nil? %>
<% lon = @user.home_lon %>
<% lat = @user.home_lat %>
<% zoom = '12' %>
<%else%>
-<% lon = params['lon'] || '-0.1' %>
-<% lat = params['lat'] || '51.5' %>
-<% zoom = params['zoom'] || '12' %>
+<% lon = h(params['lon'] || '-0.1') %>
+<% lat = h(params['lat'] || '51.5') %>
+<% zoom = h(params['zoom'] || '12') %>
<% end %>
<div id="map">You need a Flash player to use Potlatch, the
<a href="http://wiki.openstreetmap.org/index.php/Editing">Several other options</a> are also available
for editing OpenStreetMap.
</div>
-<script type="text/javascript" src="/javascripts/swfobject.js"></script>
+<%= javascript_include_tag 'swfobject.js' %>
<script type="text/javascript">
var brokenContentSize = $("content").offsetWidth == 0;
- var fo = new SWFObject("/potlatch/potlatch.swf?d="+Math.round(Math.random()*1000), "potlatch", "700", "600", "6", "#FFFFFF");
+ var fo = new SWFObject("/potlatch/potlatch.swf?d="+Math.round(Math.random()*1000), "potlatch", "100%", "100%", "6", "#FFFFFF");
+ // 700,600 for fixed size, 100%,100% for resizable
+ var changesaved=true;
+ var winie=false; if (document.all && window.print) { winie=true; }
+
+ window.onbeforeunload=function() {
+ if (!changesaved && !winie) {
+ return "You have unsaved changes. (To save in Potlatch, you should deselect the current way or point.)";
+ }
+ }
function doSWF(lat,lon,sc) {
if (sc < 11) sc = 11;
fo.addVariable('long',lon);
fo.addVariable('scale',sc);
fo.addVariable('token','<%= session[:token] %>');
-<% if params['gpx'] %> fo.addVariable('gpx','<%= params['gpx']+"/data" %>'); <% end %>
+ <% if params['gpx'] %>
+ fo.addVariable('gpx','<%= h(params['gpx']) + "/data.xml" %>');
+ <% end %>
fo.write("map");
}
window.onresize = handleResize;
window.onload = handleResize;
-
-<% unless @user.data_public? %>
- var warningtext ="<div style='padding-left:8px;padding-right:8px;'><p>You haven't set your edits to be public.</p><p><b>From mid-November, you will no longer be able to use the online editor unless you do so.</b> You can set your edits as public from your ";
- var warningtext=warningtext+'<%= link_to 'user page', {:controller => 'user', :action => 'account', :display_name => @user.display_name}%>.</p>';
- var warningtext=warningtext+'<p>(<a href="http://wiki.openstreetmap.org/index.php/Disabling_anonymous_edits">Find out why this is changing.</a>)</p></div>';
- updateSidebar("Warning",warningtext);
- openSidebar();
-<% end %>
-
-
</script>
<% end %>