X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/37317b8295506eccbae28bdd7b4b28b17e5ceb62..7acbc0c7c6ccee2e2f5700bf6d8748fe471d1779:/app/views/diary_entry/new.rhtml?ds=inline diff --git a/app/views/diary_entry/new.rhtml b/app/views/diary_entry/new.rhtml index 69995d00e..7ee1eeaed 100644 --- a/app/views/diary_entry/new.rhtml +++ b/app/views/diary_entry/new.rhtml @@ -23,16 +23,17 @@ <% end %> <% if @user.home_lat.nil? or @user.home_lon.nil? %> - <% lon = params['lon'] || '-0.1' %> - <% lat = params['lat'] || '51.5' %> - <% zoom = params['zoom'] || '4' %> + <% lon = h(params['lon'] || '-0.1') %> + <% lat = h(params['lat'] || '51.5') %> + <% zoom = h(params['zoom'] || '4') %> <% else %> - <% lon = @user.home_lon %> - <% lat = @user.home_lat %> - <% zoom = '12' %> + <% lon = @user.home_lon %> + <% lat = @user.home_lat %> + <% zoom = '12' %> <% end %> - +<%= javascript_include_tag '/openlayers/OpenLayers.js' %> +<%= javascript_include_tag '/openlayers/OpenStreetMap.js' %> <%= javascript_include_tag 'map.js' %> \ No newline at end of file +