A short overview of Rails' software security troubles in January and February of 2013, and a few tips on how to defend yourself against attackers. Presented at Vienna.rb on 2013-03-07.
from users --"})
SELECT *,"Phenoelit" as persistence_token from users -- FROM "users" WHERE "users"."id" IS NULL LIMIT 1
User.find_by_id(params[:user_credendtials_id])
def oops </fail>
• Ah, this is a subclass of a Ruby Hash with the class of Helpers
• Create a new instance of Helpers
• Use the []= method for each key-value pair