From c9ceabc27d7e26036de0b2f002978d33b1e64718 Mon Sep 17 00:00:00 2001 From: Ken Johnson Date: Tue, 9 Dec 2025 14:48:12 +0000 Subject: [PATCH 1/3] Fix DataTables column configuration error on pay page MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixed "Requested unknown parameter '1' for row 0, column 1" error by adding explicit column definitions to the DataTable initialization. The issue occurred because DataTables was initialized without column definitions, but data was being added as arrays. DataTables needs explicit column configuration to properly map array data to columns. Changes: - Added "columns" configuration to DataTable initialization - Defined all 4 columns with proper titles - Set "orderable: false" for Actions column This fixes the popup error that appeared when visiting /users/1/pay 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- app/views/pay/index.html.erb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/app/views/pay/index.html.erb b/app/views/pay/index.html.erb index 55ec624..895f1c3 100644 --- a/app/views/pay/index.html.erb +++ b/app/views/pay/index.html.erb @@ -207,7 +207,13 @@ function createDataTable(){ }, "autoWidth": false, "searching": true, - "ordering": true + "ordering": true, + "columns": [ + { "title": "Account Number" }, + { "title": "Routing Number" }, + { "title": "Deposit %" }, + { "title": "Actions", "orderable": false } + ] }); }; From fe53d38da00eea6468451da48be6892b8e676209 Mon Sep 17 00:00:00 2001 From: Ken Johnson Date: Tue, 9 Dec 2025 14:50:25 +0000 Subject: [PATCH 2/3] Remove broken CodeClimate badge from README MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Removed the CodeClimate badge link from the README header as the CodeClimate links are no longer functional. Kept the Build Status badge from Travis CI. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9f93c8a..fdb1d12 100755 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# RailsGoat [![Build Status](https://api.travis-ci.org/OWASP/railsgoat.png?branch=master)](https://travis-ci.org/OWASP/railsgoat) [![Code Climate](https://codeclimate.com/github/OWASP/railsgoat.png)](https://codeclimate.com/github/OWASP/railsgoat) +# RailsGoat [![Build Status](https://api.travis-ci.org/OWASP/railsgoat.png?branch=master)](https://travis-ci.org/OWASP/railsgoat) RailsGoat is a vulnerable version of the Ruby on Rails Framework from versions 3 to 6. It includes vulnerabilities from the OWASP Top 10, as well as some "extras" that the initial project contributors felt worthwhile to share. This project is designed to educate both developers, as well as security professionals. From 05cc35927a8c801243135f57ae308def849dccb3 Mon Sep 17 00:00:00 2001 From: Ken Johnson Date: Tue, 9 Dec 2025 14:51:41 +0000 Subject: [PATCH 3/3] Fix dropdown selection display on messages page MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added prompt option "Select a recipient..." to the To dropdown on the messages page. This provides a clear placeholder and makes the selected user's name visible after selection. Before: Dropdown showed no placeholder, making it unclear what was selected After: Shows "Select a recipient..." by default, then displays the selected user's name when a recipient is chosen Fixes the issue where clicking a user in the dropdown didn't show their name in the dropdown field. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- app/views/messages/index.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/messages/index.html.erb b/app/views/messages/index.html.erb index eee6678..a239679 100644 --- a/app/views/messages/index.html.erb +++ b/app/views/messages/index.html.erb @@ -108,7 +108,7 @@ <%= f.select(:receiver_id, options_from_collection_for_select(User.all, :id, :full_name), - {}, + { prompt: "Select a recipient..." }, { class: "form-select form-select-lg" }) %> Select message recipient