diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-07-16 09:34:45 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-07-16 09:34:45 +0000 |
| commit | dca56a0350c38bc78cae294800d928b11d625f66 (patch) | |
| tree | 4a489116b3cd3a87038ae7d637f4d6615751f016 /app/controllers/trackers_controller.rb | |
| parent | adde498b33b74598419af06ead4277fe09d1c8e0 (diff) | |
| download | redmine-dca56a0350c38bc78cae294800d928b11d625f66.tar.gz redmine-dca56a0350c38bc78cae294800d928b11d625f66.zip | |
Use safe_attributes.
git-svn-id: http://svn.redmine.org/redmine/trunk@15669 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/trackers_controller.rb')
| -rw-r--r-- | app/controllers/trackers_controller.rb | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/app/controllers/trackers_controller.rb b/app/controllers/trackers_controller.rb index 49856e352..72dbdaf7c 100644 --- a/app/controllers/trackers_controller.rb +++ b/app/controllers/trackers_controller.rb @@ -31,13 +31,15 @@ class TrackersController < ApplicationController end def new - @tracker ||= Tracker.new(params[:tracker]) + @tracker ||= Tracker.new + @tracker.safe_attributes = params[:tracker] @trackers = Tracker.sorted.to_a @projects = Project.all end def create - @tracker = Tracker.new(params[:tracker]) + @tracker = Tracker.new + @tracker.safe_attributes = params[:tracker] if @tracker.save # workflow copy if !params[:copy_workflow_from].blank? && (copy_from = Tracker.find_by_id(params[:copy_workflow_from])) @@ -58,7 +60,8 @@ class TrackersController < ApplicationController def update @tracker = Tracker.find(params[:id]) - if @tracker.update_attributes(params[:tracker]) + @tracker.safe_attributes = params[:tracker] + if @tracker.save respond_to do |format| format.html { flash[:notice] = l(:notice_successful_update) |