ea8e9901f4
On branch strong-params
...
Your branch is behind 'origin/strong-params' by 1 commit, and can be fast-forwarded.
I'll pull to catch up after this commit
Change code to whitelist params
Remove attr_accessible lines
Add strong_params to Gemfile, since this branch is still on Rails 3
Mixin to ActiveRecord::Base ActiveModel::ForbiddenAttributesProtection
Use an initializer for the mixin
2014-12-05 15:04:01 -05:00
e20d273139
making sure chnages to one branch does not affect another
2014-08-04 13:30:26 -04:00
3f63480022
Added Analytics function to track user hits by ip address, referrer and user agent
2014-04-17 20:03:50 -04:00
59946e056c
changed motorcross to motocross everywhere that it used. Closes or resolves issue #104
2014-03-26 12:58:48 -04:00
70b44b36ad
oops, mikes password changed for some reason which conflicts with our tutorials and such
2014-03-25 11:57:11 -04:00
2c8781ebc1
added a pay controller and model
2014-03-14 20:29:14 -04:00
e7c30151d4
added token to users model and generate token method to users controller
2014-03-11 20:28:15 -04:00
98678b0364
Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013
2013-11-13 19:51:59 -05:00
b605a42812
got the code kicked off so we can encrypt SSN(s) in the database
2013-11-13 19:51:42 -05:00
2629565f21
fixing a small typo :)
2013-11-13 19:34:04 -05:00
efcb7b8c4b
working on encryption
2013-11-13 18:24:26 -05:00
8c672fd2fc
fixed the route
2013-11-13 12:16:48 -05:00
b0a5248c05
adding read data to seeds
2013-10-12 13:38:47 -04:00
8686f6b9d3
adding messages mvc to allow users to send messages.
2013-10-11 16:03:37 -04:00
da061c79b6
intended to remove some of the weirdness when updating a users account. A blank password basically ends up causing the previously existing password to be hashed twice. Probably move to has_secure_password at some point although that may end up screwing up the intent of the particular tutorial item
2013-09-30 13:03:03 -04:00
ea2014b637
I have exhausted all thoughts on how to actually get jquery file upload to work, so screw it, I am just going to make something homegrown for tomorrow
2013-07-09 13:53:00 -04:00
7b900bda2d
fixes issue #24
2013-06-10 16:25:14 -04:00
cc38bd3f2a
testing to see if I have commit access
2013-06-06 20:52:09 -04:00
379c442049
I have added the performance model, controller, route and seed data, now I am working on the actual visual aspects of the page
2013-05-31 14:45:31 -04:00
f8e21af3e0
added a new vulnerability plus completed the work info page
2013-05-31 11:41:54 -04:00
97ca13632d
removed mass assignment of user_id in the users model
2013-05-31 11:08:38 -04:00
08a8c60276
added route, controller, model, sidebar link, and basic index page for the work info section so that we can render user data
2013-05-31 10:48:20 -04:00
23bc521787
got rid of mass assignment in certain areas
2013-05-30 12:52:43 -04:00
21752fab7e
I am setting this up, in this way, so that we have some extensibility. We may wish to have some sort of a polymorphic association where multiple models need to have a scheduling model available to them. That being said, as of right now, only the pto model needs it so I am doing a belong_to and has_one association between the two
2013-05-27 13:09:33 -04:00
af763d40bf
added the PTO section
2013-05-24 20:54:07 -04:00
b1b378f451
added seed data, now time to work on the controllers and the view
2013-05-24 19:34:58 -04:00
471c5851c7
okay, so, we have associations rocking
2013-05-24 19:15:36 -04:00
0d841124f5
assigned a user id, does not "appear" to have screwed anything up
2013-05-24 15:25:06 -04:00
383835d57d
added seed data, this closes issue #12
2013-05-24 13:57:48 -04:00
9c37eb99a1
lost track of what I was doing so I cant tell you what Ive done, heh
2013-04-25 15:23:07 -04:00
68acfe3803
added something :-)
2013-04-25 01:24:59 -04:00
47ce08bb20
working login, signup, and logout
2013-04-25 00:19:00 -04:00
5a992c3c1f
made some changes to the application controller, added a user controller, and am now about to start working on the login piece
2013-04-24 18:09:43 -04:00
dafe2a5f4a
first commit
2013-03-19 17:27:18 -04:00
Fred Nixon