SET lnk = base _ "/" _ table _ "/" _ command _ "/" _ additional;
lnk = lnk | uri | html;
'<a href="' _ lnk _ '">';
- label;
+ label | html;
"</a>";
END;
%]
IF object.isa('Maypole::Model::Base');
link(object.table, "view", object.id.join('/'), object);
ELSE;
- object;
+ object | html ;
END;
END;
%]
NEXT IF col == "id" OR col == classmetadata.table _ "_id";
"<td>";
IF col == "url" AND item.url;
- '<a href="'; item.url; '"> '; item.url; '</a>';
+ '<a href="'; item.url | html ; '"> '; item.url; '</a>';
ELSIF col == classmetadata.stringify_column;
maybe_link_view(item);
ELSE;
#%]
[% MACRO view_item(item) BLOCK; %]
[% SET string = classmetadata.stringify_column %]
- <div id="title"> [% item.$string %]</div>
+ <div id="title"> [% item.$string | html %]</div>
[% INCLUDE navbar %]
<table class="view">
<tr>
<td class="field">[% classmetadata.colnames.$string %]</td>
- <td>[% item.$string %]</td>
+ <td>[% item.$string | html %]</td>
</tr>
[% FOR col = classmetadata.columns.list;
NEXT IF col == "id" OR col == string OR col == classmetadata.table _ "_id";;
<td class="field">[% classmetadata.colnames.$col; %]</td>
<td>
[% IF col == "url" && item.url; # Possibly too much magic.
- '<a href="'; item.url; '"> '; item.url; '</a>';
+ '<a href="'; item.url | html ; '"> '; item.url; '</a>';
ELSE;
maybe_link_view(item.$col);
END; %]