X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/1fcd5f559324d9f00cf1f71618c8f723506b2026..4168e0963ee19e05c07b40d30e868fd652fd3757:/app/views/trace/view.rhtml?ds=inline diff --git a/app/views/trace/view.rhtml b/app/views/trace/view.rhtml index 60f71b7c7..d4bdb9745 100644 --- a/app/views/trace/view.rhtml +++ b/app/views/trace/view.rhtml @@ -1,4 +1,4 @@ -

<%= @title %>

+

<%= h(@title) %>

@@ -22,11 +22,11 @@ <% end %> Owner: - <%= link_to @trace.user.display_name, {:controller => 'user', :action => 'view', :display_name => @trace.user.display_name} %> + <%= link_to h(@trace.user.display_name), {:controller => 'user', :action => 'view', :display_name => @trace.user.display_name} %> Description: - <%= @trace.description %> + <%= h(@trace.description) %> Tags: @@ -50,6 +50,9 @@ <%= button_to 'Make this track public permanently', :controller => 'trace', :action => 'make_public', :id => @trace.id %> <% end %> <% if @trace.user.id == @user.id %> + <%= button_to 'Edit this track', :controller => 'trace', :action => 'edit', :id => @trace.id %> + <% end %> + <% if @trace.user.id == @user.id %> <%= button_to 'Delete this track', :controller => 'trace', :action => 'delete', :id => @trace.id %> <% end %>