28 Jun '12, 3am

Protect your Rails project from Hackers:

26: Hackers Love Mass Assignment

Mass assignment is something most Rails programmers make use of as it provides an easy way to populate the properties of a model object from a form. Unfortunately its simplicity can make it a target for hackers. We’ll explain how and show you how to solve it in this episode.

[Figure: Our simple registration form.]

Above is a simple user registration form. When a user enters their user name and clicks “submit” a new User model is created. Our user model is defined in the schema like this, with a string field called name and a boolean field called admin that defaults to false.

    create_table :users do |t|
      t.string :name
      t.boolean :admin, :default => false, :null => false
    end

When a user fills in the form and clicks register, the create action is called.

    def create
      @user = User.new(params[:user]...

Full article: http://asciicasts.com/episodes/26-hackers-love-mass-assig...
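
The excerpt stops before the fix, so here is an added example (not code from the episode) contrasting unfiltered mass assignment with an allow-list for the users table above. It is plain Ruby with no Rails; the User class is a constructed stand-in for the model, and ASSIGNABLE, assign_unfiltered and assign_permitted are hypothetical names.

```ruby
# Added example: constructed stand-in for the User model, plain Ruby, no Rails.
class User
  # Mirrors the users table from the schema above: name (string), admin (boolean).
  COLUMNS    = { "name" => nil, "admin" => false }.freeze
  # Assumption: only the field the registration form renders may be mass-assigned.
  ASSIGNABLE = %w[name].freeze

  attr_reader :attributes

  def initialize
    @attributes = COLUMNS.dup
  end

  # Unfiltered behaviour: every submitted key that names a column is written,
  # whether or not the form ever offered that field.
  def assign_unfiltered(params)
    params.each { |key, value| @attributes[key.to_s] = value if COLUMNS.key?(key.to_s) }
    self
  end

  # Allow-listed behaviour: only ASSIGNABLE keys are written. The rejected keys
  # are returned so the controller can log them as a tampering signal.
  def assign_permitted(params)
    rejected = []
    params.each do |key, value|
      name = key.to_s
      if ASSIGNABLE.include?(name)
        @attributes[name] = value
      else
        rejected << name
      end
    end
    rejected
  end
end

# Constructed request parameters: the second hash carries a field the
# registration form never rendered.
FORM_PARAMS     = { "name" => "alice" }.freeze
TAMPERED_PARAMS = { "name" => "mallory", "admin" => "1" }.freeze

if __FILE__ == $PROGRAM_NAME
  puts User.new.assign_unfiltered(TAMPERED_PARAMS).attributes.inspect
  safe = User.new
  puts "rejected: #{safe.assign_permitted(TAMPERED_PARAMS).inspect}"
  puts safe.attributes.inspect
end
```

In a real controller, the returned list of rejected keys is worth logging alongside the request source, since a legitimate form submission never produces one.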
