Andreas/tracks
1
0
Fork 0
mirror of https://github.com/TracksApp/tracks.git synced 2026-01-23 09:16:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove the double-quote custom validation

Browse source 
Rails has had SQL injection prevention since at least 2009 so we don't
need our version of it anymore.

Fixes ticket #1237
This commit is contained in:
Matt Rogers 2012-02-02 22:27:18 -06:00
parent 71cd34a35f
commit e7268fbaa2
3 changed files with 9 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

1
app/models/todo.rb
View file

@ -129,7 +129,6 @@ class Todo < ActiveRecord::Base
if !show_from.blank? && show_from < user.date
errors.add("show_from", I18n.t('models.todo.error_date_must_be_future'))
end
errors.add(:description, "may not contain \" characters") if /\"/.match(self.description)
unless @predecessor_array.nil? # Only validate predecessors if they changed
@predecessor_array.each do |todo|
errors.add("Depends on:", "Adding '#{h(todo.specification)}' would create a circular dependency") if is_successor?(todo)