team-alpha/railsgoat
0021ddd0368b78ae43ed95694acc5e5e88ea9701
railsgoat/app/controllers
cktricky
da061c79b6
intended to remove some of the weirdness when updating a user's account. A blank password basically ends up causing the previously existing password to be hashed twice. Probably move to has_secure_password at some point although that may end up screwing up the intent of the particular tutorial item
2013-09-30 13:03:03 -04:00
..
admin_controller.rb
finished admin filter and write-up for issue #6
2013-06-04 11:49:59 -04:00
application_controller.rb
finished admin filter and write-up for issue #6
2013-06-04 11:49:59 -04:00
benefit_forms_controller.rb
working command injection in fileupload, closes issue #23
2013-07-09 16:36:03 -04:00
dashboard_controller.rb
we are going to fix this by automatically generating data for ppl that register HOWEVER, just in case that fails for some reason, I have applied a filter that ensures if some data is not associated with a person they cannot navigate to all aspects of the application. This is a preventive measure
2013-05-31 19:02:00 -04:00
paid_time_off_controller.rb
made some big changes here. The schedule had a has_one relationship with the PTO model. That is a problem since we only get one result back. Meaning, a user can't have multiple scheduled events. This has been fixed with the use of has_many within the PTO model. Now, in relation to the PTO section, the next changes to happen are to be a fully functional create action that allows an event to be scheduled, the form and controller have already been created. Umm, also, a calendar has been added and when we get the results back from a call to the create event action we will update that calendar. Think that is about it for now
2013-05-28 12:48:35 -04:00
performance_controller.rb
added visualization chart for performance history
2013-05-31 15:20:58 -04:00
retirement_controller.rb
moving in the right direction
2013-05-24 19:51:09 -04:00
schedule_controller.rb
so now, when you add a PTO scheduled date, the calendar on your PTO page automatically updates to show this event :-)
2013-05-31 10:31:35 -04:00
sessions_controller.rb
okay, finally got a working redirect vuln
2013-06-04 11:00:01 -04:00
tutorials_controller.rb
fixes issue #24
2013-06-10 16:25:14 -04:00
users_controller.rb
intended to remove some of the weirdness when updating a user's account. A blank password basically ends up causing the previously existing password to be hashed twice. Probably move to has_secure_password at some point although that may end up screwing up the intent of the particular tutorial item
2013-09-30 13:03:03 -04:00
work_info_controller.rb
Issue #3 can be closed, write-up and vuln complete for A4
2013-06-03 01:54:07 -04:00