From 47526d8340846ebc11032f18684a054f72be377e Mon Sep 17 00:00:00 2001
From: Steven Davidovitz <sdavidovitz@zendesk.com>
Date: Mon, 5 Nov 2012 17:31:27 -0800
Subject: [PATCH] use ERB for templating

---
 lib/kamcaptcha.rb        | 6 +++---
 lib/kamcaptcha/helper.rb | 7 ++++++-
 test/unit/test_helper.rb | 4 ++--
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/lib/kamcaptcha.rb b/lib/kamcaptcha.rb
index 08fab96..7386d2e 100644
--- a/lib/kamcaptcha.rb
+++ b/lib/kamcaptcha.rb
@@ -30,8 +30,8 @@ def encrypt(string)
 
 Kamcaptcha.template = <<-END
   <div class="kamcaptcha">
-    <label for="kamcaptcha_input">%{label}</label><input type="text" id="kamcaptcha_input" name="kamcaptcha[input]" />
-    <input type="hidden" name="kamcaptcha[validation]" value="%{token}" />
-    <img src="%{image}" />
+    <label for="kamcaptcha_input"><%= label %></label><input type="text" id="kamcaptcha_input" name="kamcaptcha[input]" />
+    <input type="hidden" name="kamcaptcha[validation]" value="<%= token %>" />
+    <img src="<%= image %>" />
   </div>
 END
diff --git a/lib/kamcaptcha/helper.rb b/lib/kamcaptcha/helper.rb
index 4a3d0d8..e0b7862 100644
--- a/lib/kamcaptcha/helper.rb
+++ b/lib/kamcaptcha/helper.rb
@@ -1,3 +1,5 @@
+require 'erb'
+
 module Kamcaptcha
   module Helper
     DEFAULT_LABEL = "Please type the characters in the image below"
@@ -16,9 +18,12 @@ def kamcaptcha(options = {})
 
       instance_exec(token, &Kamcaptcha::Token.store) if Kamcaptcha::Token.store
 
-      form = template % { :label => label, :token => token, :image => image }
+      # Makes sure the ERB template only gets these variables: label, token, image
+      form = ERB.new(template).result(OpenStruct.new(:label => label, :token => token, :image => image).send(:binding))
+
       form = form.html_safe if form.respond_to?(:html_safe)
       form
     end
+
   end
 end
diff --git a/test/unit/test_helper.rb b/test/unit/test_helper.rb
index b657001..a46befc 100644
--- a/test/unit/test_helper.rb
+++ b/test/unit/test_helper.rb
@@ -57,7 +57,7 @@ class String
       before(:all) { @prefix, Kamcaptcha.prefix = Kamcaptcha.prefix, "omg/123" }
       after(:all) { Kamcaptcha.prefix = @prefix }
 
-      subject { Kamcaptcha.stub(:random, "hello.png") { kamcaptcha(:template => "%{image}") } }
+      subject { Kamcaptcha.stub(:random, "hello.png") { kamcaptcha(:template => "<%= image %>") } }
 
       it "should prefix image path" do
         assert_equal "/omg/123/hello.png", subject
@@ -68,7 +68,7 @@ class String
       before(:all) { @generator, Kamcaptcha::Token.generator = Kamcaptcha::Token.generator, lambda {|_| "token"}}
       after(:all) { Kamcaptcha::Token.generator = @generator }
 
-      subject { Kamcaptcha.stub(:random, "hello.png") { kamcaptcha(:template => "%{token}") } }
+      subject { Kamcaptcha.stub(:random, "hello.png") { kamcaptcha(:template => "<%= token %>") } }
 
       it "should use the custom generator" do
         assert_equal "token", subject