Displaying 2 results from an estimated 2 matches for "revoke_admin".
2006 Jun 30
3
@foo = Bar.new(params[:foo])
While doing @foo = Bar.new(params[:foo]) in a controller, the
application is open to injection attacks.
For example,
My model has following attributes :
name
password
admin - boolean
Now, if on my form I''m just acception name & password, and doing @foo
= Bar.new(params[:foo]) in my controller, someone can just enter
following in form :
<%= text_field ''foo'',
2006 Jun 30
4
Posting error: Ruby On Rails mailing list archieve
You do not have permission to post to group railinglist. You may need to join
the group before being allowed to post, or this group may not be open to
posting.
Visit http://groups.google.com/group/railinglist/about to join or learn more about who
is allowed to post to the group.
Help on using Google Groups is also available at:
http://groups.google.com/support
-------------- next part