Is your Rails application safe? (via) update_attributes(params[:foo]) in ActiveRecord is an anti-pattern.
# 22nd September 2008, 8:28 pm / activerecord, antipattern, rails, security
Related