From d43d6e0cd93474350c7650d7b92f8090928d7180 Mon Sep 17 00:00:00 2001
From: Benjamin Kellermann <Benjamin.Kellermann@gmx.de>
Date: Mon, 19 Aug 2013 10:01:27 +0200
Subject: reverted to older revision (bugfix caused exception)

---
 poll.rb | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/poll.rb b/poll.rb
index 8a9be6a..269fcb5 100644
--- a/poll.rb
+++ b/poll.rb
@@ -178,7 +178,7 @@ class Poll
 	end
 
 	def invite_to_html
-		edituser = CGI.escapeHTML($cgi["edituser"]) unless $cgi.include?("deleteuser")
+		edituser = $cgi["edituser"] unless $cgi.include?("deleteuser")
 		invitestr = _("Invite")
 		namestr = _("Name")
 		ret = <<HEAD
@@ -248,25 +248,24 @@ END
 	end
 
 	def deleteuser_to_html
-		edituser = CGI.escapeHTML($cgi["edituser"])
 		ret = "<tr id='add_participant'>\n"
-		ret += "<td colspan='2' class='name'>#{edituser}</td>"
+		ret += "<td colspan='2' class='name'>#{$cgi["edituser"]}</td>"
 		ret += "<td colspan='#{@head.col_size}'>"
-		ret += _("Do you really want to delete user %{user}?") % {:user => edituser}
-		ret += "<input type='hidden' name='delete_participant_confirm' value='#{edituser}' />"
+		ret += _("Do you really want to delete user %{user}?") % {:user => $cgi["edituser"]}
+		ret += "<input type='hidden' name='delete_participant_confirm' value='#{$cgi["edituser"]}' />"
 		ret += "</td>"
-		ret += save_input(edituser, "", _("Confirm"))
+		ret += save_input($cgi["edituser"], "", _("Confirm"))
 		ret += "</tr>"
 		ret
 	end
 
 	def edituser_to_html
-		edituser = CGI.escapeHTML($cgi["edituser"]) 
+		edituser = $cgi["edituser"]
 		checked = {}
 		if @data.include?(edituser)
 			@head.columns.each{|k| checked[k] = @data[edituser][k]}
 		else
-			edituser = CGI.escapeHTML($cgi.cookies["username"][0]) unless @data.include?($cgi.cookies["username"][0])
+			edituser = $cgi.cookies["username"][0] unless @data.include?($cgi.cookies["username"][0])
 			@head.columns.each{|k| checked[k] = NOVAL}
 		end
 
-- 
cgit v1.2.3