--- /dev/null
+diff --git a/lib/taskwarrior-web/helpers.rb b/lib/taskwarrior-web/helpers.rb
+index 212aed7..94c57df 100644
+--- a/lib/taskwarrior-web/helpers.rb
++++ b/lib/taskwarrior-web/helpers.rb
+@@ -1,6 +1,8 @@
+ require 'active_support/core_ext/date/calculations'
+
+ module TaskwarriorWeb::App::Helpers
++ include ERB::Util
++
+ def format_date(timestamp)
+ format = TaskwarriorWeb::Config.dateformat || '%-m/%-d/%Y'
+ Time.parse(timestamp).localtime.strftime(format)
+diff --git a/lib/taskwarrior-web/model/task.rb b/lib/taskwarrior-web/model/task.rb
+index 212aed7..94c57df 100644
+--- a/lib/taskwarrior-web/model/task.rb
++++ b/lib/taskwarrior-web/model/task.rb
+@@ -15,8 +15,14 @@
+
+ def initialize(attributes = {})
+ attributes.each do |attr, value|
++ if attr == "uuid"
++ next
++ end
+ send("#{attr}=", value) if respond_to?(attr.to_sym)
+ end
++ if attributes.has_key? "uuid"
++ send("uuid=", attributes["uuid"])
++ end
+
+ @_errors = []
+ @tags = [] if @tags.nil?
+diff --git a/lib/taskwarrior-web/services/builder/base.rb b/lib/taskwarrior-web/services/builder/base.rb
+index 58d246e..8f716ac 100644
+--- a/lib/taskwarrior-web/services/builder/base.rb
++++ b/lib/taskwarrior-web/services/builder/base.rb
+@@ -10,7 +10,7 @@ module TaskwarriorWeb::CommandBuilder::Base
+ :complete => ':id done',
+ :annotate => ':id annotate',
+ :denotate => ':id denotate',
+- :projects => '_projects',
++ :projects => '_unique project',
+ :tags => '_tags',
+ :sync => 'sync'
+ }
+@@ -21,7 +21,7 @@
+ substitute_parts if @command_string =~ /:id/
+ end
+ parse_params
+- @built = "#{@command_string}#{@params}"
++ @built = "#{@params}#{@command_string}"
+ end
+
+ def task_command
+@@ -43,23 +43,23 @@
+
+ def parse_params
+ string = ''
+- string << %( #{@params.delete(:description).shellescape}) if @params.has_key?(:description)
++ string << %(#{@params.delete(:description).shellescape} ) if @params.has_key?(:description)
+
+ if tags = @params.delete(:tags)
+ tag_indicator = TaskwarriorWeb::Config.property('tag.indicator') || '+'
+- tags.each { |tag| string << %( #{tag_indicator}#{tag.to_s.shellescape}) }
++ tags.each { |tag| string << %(#{tag_indicator}#{tag.to_s.shellescape} ) }
+ end
+
+ if tags = @params.delete(:remove_tags)
+- tags.each { |tag| string << %( -#{tag.to_s.shellescape}) }
++ tags.each { |tag| string << %(-#{tag.to_s.shellescape} ) }
+ end
+
+ @params.each do |attr, value|
+ if @command != :update or attr != :uuid
+ if value.respond_to? :each
+- value.each { |val| string << %( #{attr.to_s}:\\"#{val.to_s.shellescape}\\") }
++ value.each { |val| string << %(#{attr.to_s}:\\"#{val.to_s.shellescape}\\" ) }
+ else
+- string << %( #{attr.to_s}:\\"#{value.to_s.shellescape}\\")
++ string << %(#{attr.to_s}:\\"#{value.to_s.shellescape}\\" )
+ end
+ end
+ end
+diff --git a/lib/taskwarrior-web/views/tasks/_form.erb b/lib/taskwarrior-web/views/tasks/_form.erb
+index 789e7a1..fa08698 100644
+--- a/lib/taskwarrior-web/views/tasks/_form.erb
++++ b/lib/taskwarrior-web/views/tasks/_form.erb
+@@ -1,14 +1,14 @@
+ <div class="control-group">
+ <label for="task-description" class="control-label">Description</label>
+ <div class="controls">
+- <input type="text" required="required" id="task-description" name="task[description]" value="<%= @task.description unless @task.nil? %>" />
++ <input type="text" required="required" id="task-description" name="task[description]" value="<%=h @task.description unless @task.nil? %>" />
+ </div>
+ </div>
+
+ <div class="control-group">
+ <label for="task-project" class="control-label">Project</label>
+ <div class="controls">
+- <input type="text" id="task-project" name="task[project]" value="<%= @task.project unless @task.nil? %>" autocomplete="off" />
++ <input type="text" id="task-project" name="task[project]" value="<%=h @task.project unless @task.nil? %>" autocomplete="off" />
+ </div>
+ </div>
+
+@@ -45,7 +45,7 @@
+ <div class="control-group">
+ <label for="task-tags" class="control-label">Tags</label>
+ <div class="controls">
+- <input type="text" id="task-tags" name="task[tags]" value="<%= @task.tags.join(', ') unless @task.nil? %>" autocomplete="off" />
++ <input type="text" id="task-tags" name="task[tags]" value="<%=h @task.tags.join(', ') unless @task.nil? %>" autocomplete="off" />
+ <span class="help-block">Enter tags separated by commas or spaces (e.g. <em>each, word will,be a tag</em>)</span>
+ </div>
+ </div>