diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2010-12-12 13:19:07 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2010-12-12 13:19:07 +0000 |
| commit | a4d7a99c22d9aac89a38c1cb411158777b72bb9d (patch) | |
| tree | 12a6f4f752208ca050a899b0599d290d85c2f87f /app/controllers/my_controller.rb | |
| parent | 3409333522a76ade39db41124df596b2b95eccc0 (diff) | |
| download | redmine-a4d7a99c22d9aac89a38c1cb411158777b72bb9d.tar.gz redmine-a4d7a99c22d9aac89a38c1cb411158777b72bb9d.zip | |
Declare safe attributes for User and Projects models.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4492 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/my_controller.rb')
| -rw-r--r-- | app/controllers/my_controller.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/my_controller.rb b/app/controllers/my_controller.rb index 46747b334..e552caa16 100644 --- a/app/controllers/my_controller.rb +++ b/app/controllers/my_controller.rb @@ -53,7 +53,7 @@ class MyController < ApplicationController @user = User.current @pref = @user.pref if request.post? - @user.attributes = params[:user] + @user.safe_attributes = params[:user] @user.mail_notification = params[:notification_option] || 'only_my_events' @user.pref.attributes = params[:pref] @user.pref[:no_self_notified] = (params[:no_self_notified] == '1') |