Upgraded 2 gems by rebuilding Gemfile.lock file; Fixed find/first dep warning #158

2014-10-10 15:38:00 -04:00
parent dcfd44e481
commit 789ccff349
2 changed files with 4 additions and 3 deletions
@@ -93,7 +93,7 @@ GEM
    eventmachine (1.0.3)
    execjs (2.2.1)
    fastercsv (1.5.5)
-    ffi (1.9.5)
+    ffi (1.9.6)
    foreman (0.75.0)
      dotenv (~> 0.11.1)
      thor (~> 0.19.1)
@@ -159,7 +159,7 @@ GEM
      sqlite3-ruby
      thin
    method_source (0.8.2)
-    mime-types (2.3)
+    mime-types (2.4.1)
    mini_portile (0.5.3)
    minitest (4.7.5)
    multi_json (1.10.1)
@@ -31,7 +31,8 @@ class UsersController < ApplicationController
    # Still an Insecure DoR vulnerability
    #user = User.find(:first, :conditions => ["user_id = ?", "#{params[:user][:user_id]}"])

-    user = User.find(:first, :conditions => "user_id = '#{params[:user][:user_id]}'")
+    # user = User.find(:first, :conditions => "user_id = '#{params[:user][:user_id]}'")
+    user = User.where("user_id = '#{params[:user][:user_id]}'").first
    if user
      user.skip_user_id_assign = true
      user.skip_hash_password = true