changed SQLi vuln location, did write-up, closes issue #1

2013-06-03 12:31:34 -04:00
parent 6528b56de6
commit 6d5623a423
3 changed files with 106 additions and 9 deletions
@@ -37,6 +37,7 @@
 		        </div>
 		        <div class="widget-body">
 			     <%= form_for @user, :html => {:id => "account_edit"} do |f|%>
+			         <%= f.hidden_field :user_id%>
 					<div class="control-group">
 		              <%= f.label :email, nil, {:class => "control-label"}%>
 					  <%= f.text_field :email, {:class => "span12"}%>