Skip to content
Permalink
Browse files Browse the repository at this point in the history
KISS and form_value() doesn't use escaping
  • Loading branch information
daftspunk committed Apr 4, 2018
1 parent 2ef3029 commit 098c2bc
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions components/account/update.htm
@@ -1,13 +1,13 @@
{{ form_ajax('onUpdate', { model: user }) }}
{{ form_ajax('onUpdate') }}

<div class="form-group">
<label for="accountName">Full Name</label>
<input name="name" type="text" class="form-control" id="accountName" value="{{ form_value('name') }}">
<input name="name" type="text" class="form-control" id="accountName" value="{{ user.name }}">
</div>

<div class="form-group">
<label for="accountEmail">Email</label>
<input name="email" type="email" class="form-control" id="accountEmail" value="{{ form_value('email') }}">
<input name="email" type="email" class="form-control" id="accountEmail" value="{{ user.email }}">
</div>

<div class="form-group">
Expand All @@ -22,4 +22,4 @@

<button type="submit" class="btn btn-default">Save</button>

{{ form_close() }}
{{ form_close() }}

0 comments on commit 098c2bc

Please sign in to comment.