Merge pull request #45 from chrismo/users_controller_change

Fixed logic to strip out user params.

.gitignore

@@ -1,22 +1,8 @@
-# See http://help.github.com/ignore-files/ for more about ignoring files.
-#
-# If you find yourself ignoring temporary files generated by your text editor
-# or operating system, you probably want to add a global ignore instead:
-#   git config --global core.excludesfile ~/.gitignore_global
-
-# Ignore bundler config
 /.bundle
-
+/bin
-# Ignore the default SQLite database.
 /db/*.sqlite3
-
-# Ignore all logfiles and tempfiles.
 /log/*.log
 /tmp
 .elasticbeanstalk/
-
-# Ignore Mac folder settings
 .DS_Store
-
+/public/data
-# Ignore data directory
-/public/data

Gemfile

@@ -11,13 +11,14 @@ gem 'foreman'
 
 group :development do
   gem 'brakeman'
-  gem 'guard-brakeman'
-	gem 'guard-rspec'
-  gem 'rb-fsevent'
-  gem 'guard-shell'
   gem 'bundler-audit'
+  gem 'guard-brakeman'
   gem 'guard-livereload'
+  gem 'guard-rspec'
+  gem 'guard-shell'
+  gem 'pry'
   gem 'rack-livereload'
+  gem 'rb-fsevent'
 	gem 'travis-lint'
 end
 

Gemfile.lock

@@ -243,6 +243,7 @@ DEPENDENCIES
   jquery-rails
   minitest (~> 4.0)
   powder
+  pry
   rack-livereload
   rails (= 3.2.13)
   rb-fsevent

app/controllers/users_controller.rb

@@ -36,7 +36,7 @@ class UsersController < ApplicationController
     
     user = User.find(:first, :conditions => "user_id = '#{params[:user][:user_id]}'")
     user.skip_user_id_assign = true
-    user.update_attributes(params[:user].reject { |k| k == ("password" || "password_confirmation") || "user_id" })
+    user.update_attributes(params[:user].reject { |k| %w(password password_confirmation user_id).include? k })
     pass = params[:user][:password]
     user.password = pass if !(pass.blank?)
     message = true if user.save!