6b1864fbcd
Using the `_html` suffix in an i18n key is the same as using `html_safe` on it, which means that translation could potentially be used for XSS attacks.
43 lines
1.6 KiB
Plaintext
43 lines
1.6 KiB
Plaintext
<!doctype html>
|
|
<html>
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
|
<%= wicked_pdf_stylesheet_link_tag "application" -%>
|
|
<%= wicked_pdf_stylesheet_link_tag "pdf_fonts" -%>
|
|
</head>
|
|
<body class="dashboard-poster-pdf">
|
|
<div class="poster-header">
|
|
<h1>
|
|
<strong><%= t("dashboard.poster.index.poster_title") %>
|
|
<br>
|
|
<%= wicked_pdf_image_tag("finger.png") %>
|
|
<%= t("dashboard.poster.index.poster_subtitle") %>
|
|
</strong>
|
|
</h1>
|
|
<p class="intro">
|
|
<%= sanitize(t("dashboard.poster.index.intro_text", org: Setting["org_name"])) %>
|
|
</p>
|
|
<p class="text-center proposal-code">
|
|
<strong><%= t("dashboard.poster.index.proposal_code", code: proposal.code) %></strong>
|
|
</p>
|
|
<div class="proposal-image">
|
|
<% if proposal.image.present? %>
|
|
<div class="overflow-image" style="background-image: url(<%= asset_url proposal.image.attachment.url(:large) %>);"></div>
|
|
<% else %>
|
|
<div class="overflow-image" style="background-image:url('<%= "file://#{Rails.root.join("app","assets","images","default_mailing.jpg")}" %>');"></div>
|
|
<% end %>
|
|
</div>
|
|
<div class="poster-content">
|
|
<h2 class="text-center"><strong><%= t("dashboard.poster.index.support") %></strong></h2>
|
|
<%= wicked_pdf_image_tag "quote_before_blue.png" %>
|
|
<h3><strong><%= proposal.title %></strong></h3>
|
|
<%= wicked_pdf_image_tag "quote_after_blue.png" %>
|
|
<p class="poster-footer">
|
|
<%= sanitize(t("dashboard.poster.index.footer", link: proposal_url(proposal))) %>
|
|
</p>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html>
|