Displaying 2 results from an estimated 2 matches for "password_reset_cod".
Did you mean:
password_reset_code
2007 Oct 15
6
SQL injection with :order, :limit, :group
I know how to avoid SQL injection attacks when you use :conditions
User.find :first, :conditions => ["login=?", params[:username]]
but how about with :order, :limit or :group?
# uh-oh...spaghetti-oh
User.find :first, :order => "login; delete from users; select * from users"
Pat
--~--~---------~--~----~------------~-------~--~----~
You received this message because you
2007 Dec 29
2
Simply Rich Authenticator Released
Hi,
I have developed a mini Rails app using Rails 2.0.2, RESTful authentication
and Acts as State Machine. It has the following features:
1. Login
2. Logout
3. User Activation
4. Forgot Password
5. Reset Password
You can check out the code from:
svn checkout *http*://simply-rich-authenticator.googlecode.com/svn/trunk/simply-rich-authenticator-read-only
Happy New Year!
--