X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/cfbdd3f7e1c688e2c875ded9fd847fcc1c3a4caf..b89ea4110d9d5bbd4cff48dfeb0e605430b5ae54:/app/views/diary_entry/new.rhtml

diff --git a/app/views/diary_entry/new.rhtml b/app/views/diary_entry/new.rhtml
index 69995d00e..7ee1eeaed 100644
--- a/app/views/diary_entry/new.rhtml
+++ b/app/views/diary_entry/new.rhtml
@@ -23,16 +23,17 @@
 <% end %>
 
 <% if @user.home_lat.nil? or @user.home_lon.nil? %>
-  <% lon =  params['lon'] || '-0.1' %>
-  <% lat =  params['lat'] || '51.5' %>
-  <% zoom =  params['zoom'] || '4' %> 
+  <% lon = h(params['lon'] || '-0.1') %>
+  <% lat = h(params['lat'] || '51.5') %>
+  <% zoom = h(params['zoom'] || '4') %> 
 <% else %>
-  <% lon =  @user.home_lon %>
-  <% lat =  @user.home_lat %>
-  <% zoom =  '12' %>
+  <% lon = @user.home_lon %>
+  <% lat = @user.home_lat %>
+  <% zoom = '12' %>
 <% end %>
 
-<script type="text/javascript" src="/openlayers/OpenLayers.js"></script>
+<%= javascript_include_tag '/openlayers/OpenLayers.js' %>
+<%= javascript_include_tag '/openlayers/OpenStreetMap.js' %>
 <%= javascript_include_tag 'map.js' %>
 
 <script type="text/javascript">
@@ -68,4 +69,4 @@
 
   window.onload = init;
 // -->
-</script>
\ No newline at end of file
+</script>