Kennedy Article on Rails Security
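// ...
protected function build_params() {
    // Only these POST keys may be passed on as bound query parameters.
    $whitelist = array("name", "surname");
    $params = array();
    foreach ($_POST as $key => $value) {
        // Strict comparison: before PHP 8 an integer key such as 0
        // loosely equals any non-numeric string and would slip through.
        if (in_array($key, $whitelist, true)) {
            $params[":$key"] = $value;
        }
    }
    return $params;
}
// ...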

wilmoore commented Mar 20, 2012

FYI, a bit more terse:
