diff options
Diffstat (limited to 'app/models/user.rb')
| -rw-r--r-- | app/models/user.rb | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 63dd5b1dd..9da4ad743 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -106,7 +106,12 @@ class User < ActiveRecord::Base name.strip! end if self.public_banned? - name = _("{{user_name}} (Account suspended)", :user_name=>name) + # Use interpolation to return a string rather than a SafeBuffer so that + # gsub can be called on it until we upgrade to Rails 3.2. The name returned + # is not marked as HTML safe so will be escaped automatically in views. We + # do this in two steps so the string still gets picked up for translation + name = _("{{user_name}} (Account suspended)", :user_name=> name.html_safe) + name = "#{name}" end name end @@ -298,7 +303,7 @@ class User < ActiveRecord::Base text = CGI.escapeHTML(text) text = MySociety::Format.make_clickable(text, :contract => 1) text = text.gsub(/\n/, '<br>') - return text + return text.html_safe end # Returns domain part of user's email address |