Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Prevent eval things from happening #24

Merged
merged 1 commit into from

2 participants

Klaus Trainer Murat GUZEL
Klaus Trainer

No description provided.

Murat GUZEL muratguzel merged commit 642277c into from
Murat GUZEL
Owner

Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Mar 26, 2013
  1. Klaus Trainer
This page is out of date. Refresh to see the latest.
Showing with 1 addition and 1 deletion.
  1. +1 −1  lib/generators/letsrate/templates/rater_controller.rb
2  lib/generators/letsrate/templates/rater_controller.rb
View
@@ -2,7 +2,7 @@ class RaterController < ApplicationController
def create
if current_user.present?
- obj = eval "#{params[:klass]}.find(#{params[:id]})"
+ obj = params[:klass].classify.constantize.find(params[:id])
if params[:dimension].present?
obj.rate params[:score].to_i, current_user.id, "#{params[:dimension]}"
else
Something went wrong with that request. Please try again.