Based on a stack overflow on the previous Q & A, I added the following for the application. RB:
config.active_record.whitelist_attributes = false As was I got this kind of errors, not attributes largely protected
After I did this, it seemed like everything was working fine. I am getting this same error now, but this one is wrong negative. Note that even if I'm getting an error, then the column has actually been updated.
Here is the debugger output:
Start "for 127.0.0.1" / categories / 5 "in 2012-07-09 11:26:40 -0700 processing Categories controller # updated as HTML parameter: { "utf8" = & gt; "a", "Pramanikta_tokn" = & gt; "SifcfX29c + mGRIJXvUWGnZ8mBelMm4uZloYsoO317SY =", "Admin_selections" = & gt; { "admin1" = & gt ; "56", "admin2" => "55", "admin3" => "", "admin4" => "", "admin5" => "", "Admin6" = & Gt; "", "admin7" =>, "", "admin8" => ""}, "category" => {"update_admins_field" => 1 "}", "committee" = & Gt; "Update category", "id" = & gt; "5"} Select Category Load (0.2ms) `Categories'. * To` Category Update 'categories'. 'ID` = 5 limited 1 (0.1ms) BEGIN (0.2ms)' Categories 'SET` admins` =' [\ "56 \", \ "55 \", \ "\" ], 'updated_at` =' 2012-07-09 18: 26:40 'WHERE `Srenian`````` = 5 (1.3 mms) COMMIT (0.1 ms) BEGIN (0.1 ms) rollback completed 500 internal server error 5 model operating in MMS :: mass assignment security: :: error (can not Mess S-defined protected characteristics: Utf8, _method, Pramanikta_tokn, class, committed, action, controller, ID): app / controller / Srenian_ Free Ntrk. RB: 74: 'Block in updates' app / controllers / categories_controller RB: 62: These `update ' It seems that the MySQL code is properly generated, but then there is a rollback and 500 error.
Here is the code related to categories_controller.rb: DEF update @ category = category.fund (Param [: id]) response_to do | Format | If the #this line is 62 then: [: Category] [: update_admins_field] params ['admins'] = return_admins_json (params) if @recategory update_attribute (admin, parameter ['admins']) format.html {redirect_to @category, Notice: 'Category was updated successfully.' } # Line 66 format.json {head: no_content} end else format.html {redirect_to @ category, notice: 'The category was not updated successfully.' } Format.json {head: no_content} end if @ category. update_attributes (parameter) #line 74 format.html {redirect_to @ category, notice: 'Category was updated successfully.' } Format.json {head: no_content} else format.html {render action: "edit"} format.json {render json: @ category.errors, status :: unprocessable_entity} end end end < P> Why is it being the line of 74? Should the user be redirected to line 66? Why am I getting an error when updates?
You must set the whitelist / author to right, and use attr_accessible in each model for security reasons. Here's information about:
Also, read Neue's word above.
EDIT:
In the flow of your control, I think that it is not your will. If line 74 is provided, it will be passed, possibly earlier if the conditional
If parameter [Category] [: update_admins_field] and Then the second failed if
if @ category.update_attribute (: admin, parameter ['admins']) and then exit that if / else / End and continued line 74, no withdrawal was called so far. To fix this, I think that you want something like this:
If the success of the update administrator return to the admin category and the failure of the return to expire, then the success of the normal return and Refund failure expiration / Pre>
Comments
Post a Comment