by tptacek 5251 days ago
I think it might be worth your time to double check your attr_accessibles. Just:

  grep attr_accessible app/models/*rb
Everything that comes up on that list, you should be comfortable with users giving any value they want to; that's what attr_accessible (effectively, not literally) means: "I give up any control of how these attributes will be set".
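To make the rule in the comment concrete, here is an added example (not Rails' own code, and not from the commenter): a small Ruby stand-in for the attr_accessible whitelist, with a hypothetical `User` model whose `admin` flag is deliberately left off the list and a `LooseUser` subclass showing what one careless extra `attr_accessible` line does. The `MassAssignable` module, the model classes and the `REQUEST_PARAMS` hash are all constructed for this illustration.

```ruby
require "set"

# Added example, not Rails' own code: a minimal stand-in for the attr_accessible
# whitelist that mimics the rule the comment describes. A whitelisted attribute
# takes whatever value the caller sends; any other key in the params is dropped.
module MassAssignable
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    def attr_accessible(*names)           # extend the whitelist for this class
      accessible_attributes.merge(names.map(&:to_s))
      attr_accessor(*names)
    end

    def accessible_attributes             # per class, inherited by subclasses
      @accessible_attributes ||=
        (superclass.respond_to?(:accessible_attributes) ? superclass.accessible_attributes.dup : Set.new)
    end
  end

  # Apply caller-controlled params; returns the keys that were ignored.
  def assign_attributes(params)
    ignored = []
    params.each do |name, value|
      if self.class.accessible_attributes.include?(name.to_s)
        public_send("#{name}=", value)
      else
        ignored << name.to_s
      end
    end
    ignored
  end
end

# Hypothetical model: only name and email may come from the request;
# admin exists but is never whitelisted, so it stays under app control.
class User
  include MassAssignable
  attr_accessor :admin
  attr_accessible :name, :email
  def initialize; @admin = false; end
end

# The mistake the grep is meant to catch: one extra attr_accessible line
# hands the admin flag to whoever submits the form.
class LooseUser < User
  attr_accessible :admin
end

# Constructed request params; the admin key is not something the form sends.
REQUEST_PARAMS = { "name" => "alice", "email" => "a@example.com", "admin" => true }

def assign_from_request(klass)
  user = klass.new
  ignored = user.assign_attributes(REQUEST_PARAMS)
  [user.name, user.email, user.admin, ignored]
end
```

With `User`, the `admin` key is reported as ignored; with `LooseUser`, it is applied and the flag flips to true.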

Thank you for that. I shot you an email.