<h2>Send a new message to <%= display_name %></h2>
<% if params[:display_name] %>
-<p>Writing a new message to <%= params[:display_name] %></p>
+<p>Writing a new message to <%= h(params[:display_name]) %></p>
<p>TODO: drop down box of your friends</p>
<%end%>
<%= error_messages_for 'message' %>
-<% form_tag :controller => 'message', :action => 'new' do %>
-subject: <%= text_field 'message', 'title' %><br>
-body: <%= text_area 'message', 'body' %><br>
- <%= submit_tag 'Send' %>
+<% form_for :message do |f| %>
+ <table>
+ <tr valign="top">
+ <th>Subject</th>
+ <td><%= f.text_field :title, :size => 60 %></td>
+ </tr>
+ <tr valign="top">
+ <th>Body</th>
+ <td><%= f.text_area :body, :cols => 80 %></td>
+ </tr>
+ <tr>
+ <th></th>
+ <td><%= submit_tag 'Send' %></td>
+ </tr>
+ </table>
<% end %>
<br />