mirror of
https://github.com/redmine/redmine.git
synced 2024-08-30 05:58:03 +02:00
Use safe_attributes for email addresses.
git-svn-id: http://svn.redmine.org/redmine/trunk@15693 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
d7a6c09822
commit
f165bbd0d7
@ -29,10 +29,7 @@ class EmailAddressesController < ApplicationController
|
||||
saved = false
|
||||
if @user.email_addresses.count <= Setting.max_additional_emails.to_i
|
||||
@address = EmailAddress.new(:user => @user, :is_default => false)
|
||||
attrs = params[:email_address]
|
||||
if attrs.is_a?(Hash)
|
||||
@address.address = attrs[:address].to_s
|
||||
end
|
||||
@address.safe_attributes = params[:email_address]
|
||||
saved = @address.save
|
||||
end
|
||||
|
||||
|
@ -16,6 +16,8 @@
|
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
|
||||
class EmailAddress < ActiveRecord::Base
|
||||
include Redmine::SafeAttributes
|
||||
|
||||
belongs_to :user
|
||||
attr_protected :id
|
||||
|
||||
@ -29,6 +31,8 @@ class EmailAddress < ActiveRecord::Base
|
||||
validates_uniqueness_of :address, :case_sensitive => false,
|
||||
:if => Proc.new {|email| email.address_changed? && email.address.present?}
|
||||
|
||||
safe_attributes 'address'
|
||||
|
||||
def address=(arg)
|
||||
write_attribute(:address, arg.to_s.strip)
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user