Still problems left

There are some problems:

• The < > characters are not escaped correctly yet
• A waveid might not be unique- I need to add the waveletid to the database query
• Password input is not secured for sql injection
• The link to the original Wave does not work properly

I'm looking at these issues after the new api deployment. I guess I will have to deploy a complete new robot afterwards too.