X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/cacf1879c3bbae1fac645b53be6abf9ee139d686..4b3c207a818b936310f48b768488a6a39845fe81:/app/views/user/view.rhtml

diff --git a/app/views/user/view.rhtml b/app/views/user/view.rhtml
index 033240f77..f27ce6f0a 100644
--- a/app/views/user/view.rhtml
+++ b/app/views/user/view.rhtml
@@ -1,5 +1,5 @@
 <% @this_user = User.find_by_display_name(@this_user.display_name) %>
-<h2><%= @this_user.display_name %></h2>
+<h2><%= h(@this_user.display_name) %></h2>
 <div id="userinformation">
 <% if @user and @this_user.id == @user.id %>
 <%= link_to 'my diary', :controller => 'diary_entry', :action => 'list', :display_name => @user.display_name %>
@@ -32,7 +32,7 @@
   </form>
 <% end %>
 
-<h3>Description</h3?
+<h3>Description</h3>
 <div id="description"><%= simple_format(@this_user.description) %></div>
 
 <% if @this_user.home_lat.nil? or @this_user.home_lon.nil? %>
@@ -40,7 +40,7 @@
 
   No home location has been set.
   <% if @user and @this_user.id == @user.id %>
-  You can set your home location on your <%= link_to 'settings', :controller => 'user', :action => 'account', :display_name => @user.display_name %> page.
+  If you set your location, a pretty map and stuff will appear below. You can set your home location on your <%= link_to 'settings', :controller => 'user', :action => 'account', :display_name => @user.display_name %> page.
   <% end %>
 <% else %>
 
@@ -58,7 +58,7 @@
         <%= image_tag url_for_file_column(@friend, "image") %>
       <% end %>
       </td>
-      <td class="username"><%= link_to @friend.display_name, :controller => 'user', :action => 'view',  :display_name => @friend.display_name %></td>
+      <td class="username"><%= link_to h(@friend.display_name), :controller => 'user', :action => 'view',  :display_name => @friend.display_name %></td>
       <td><% if @friend.home_lon and @friend.home_lat %><%= @this_user.distance(@friend).round %>km away<% end %></td>
       <td class="message">(<%= link_to 'send message', :controller => 'message', :action => 'new', :user_id => @friend.id %>)</td>
       </tr>
@@ -80,7 +80,7 @@
       <table id="nearbyusers">
       <% @this_user.nearby.each do |nearby| %>
       <tr>
-      <td class="username"><%= link_to nearby.display_name, :controller => 'user', :action => 'view',  :display_name => nearby.display_name %></td>
+      <td class="username"><%= link_to h(nearby.display_name), :controller => 'user', :action => 'view',  :display_name => nearby.display_name %></td>
       <td><%= @this_user.distance(nearby).round %>km away</td>
       <td class="message">(<%= link_to 'send message', :controller => 'message', :action => 'new', :user_id => nearby.id %>)</td>
       </tr>