Questions about this topic? Sign up to ask in the talk tab.
Mass Assignment
From NetSec
Revision as of 03:33, 22 October 2012 by LashawnSeccombe (Talk | contribs)
Ruby
Typically used in Ruby on Rails, sometimes people will use the following code to create an ActiveRecord object to add a database entry:
|
<syntaxhighlight lang=ruby> @user=User.new(params[:user]) </syntaxhighlight> |
There have been problems with RoR in the past with mass assignment.
PHP
<?php $object = new object(); foreach ($_REQUEST as $property => $value) { $object->$property = $value; } ?> |
| This article contains too little information, it should be expanded or updated. |
|---|
Things you can do to help:
|
