Use safe_attributes for issue statuses.

git-svn-id: http://svn.redmine.org/redmine/trunk@15691 e93f8b46-1217-0410-a6f0-8f06a7374b81

1 files changed, 4 insertions, 2 deletions

diff --git a/app/controllers/issue_statuses_controller.rb b/app/controllers/issue_statuses_controller.rb
index 8ae945c18..efd2d1c44 100644
--- a/app/controllers/issue_statuses_controller.rb
+++ b/app/controllers/issue_statuses_controller.rb
@@ -35,7 +35,8 @@ class IssueStatusesController < ApplicationController
   end
 
   def create
-    @issue_status = IssueStatus.new(params[:issue_status])
+    @issue_status = IssueStatus.new
+    @issue_status.safe_attributes = params[:issue_status]
     if @issue_status.save
       flash[:notice] = l(:notice_successful_create)
       redirect_to issue_statuses_path
@@ -50,7 +51,8 @@ class IssueStatusesController < ApplicationController
 
   def update
     @issue_status = IssueStatus.find(params[:id])
-    if @issue_status.update_attributes(params[:issue_status])
+    @issue_status.safe_attributes = params[:issue_status]
+    if @issue_status.save
       respond_to do |format|
         format.html {
           flash[:notice] = l(:notice_successful_update)