diff --git a/app/controllers/problems_controller.rb b/app/controllers/problems_controller.rb --- a/app/controllers/problems_controller.rb +++ b/app/controllers/problems_controller.rb @@ -88,7 +88,7 @@ flash[:notice] = 'Error: Uploaded file is not PDF' render :action => 'edit' and return end - if @problem.update_attributes(params[:problem]) + if @problem.update_attributes(problem_params) flash[:notice] = 'Problem was successfully updated.' unless params[:file] == nil or params[:file] == '' flash[:notice] = 'Problem was successfully updated and a new PDF file is uploaded.' @@ -285,4 +285,10 @@ def get_problems_stat end + private + + def problem_params + params.require(:problem).permit(:name, :full_name, :full_score, :date_added, :available, :test_allowed,:output_only, :url, :description) + end + end diff --git a/app/controllers/user_admin_controller.rb b/app/controllers/user_admin_controller.rb --- a/app/controllers/user_admin_controller.rb +++ b/app/controllers/user_admin_controller.rb @@ -118,7 +118,7 @@ end end end - flash[:notice] = 'User(s) ' + note.join(', ') + + flash[:success] = 'User(s) ' + note.join(', ') + ' were successfully created. ' + '( (+) - created with random passwords.)' redirect_to :action => 'index' diff --git a/app/views/problems/_form.html.erb b/app/views/problems/_form.html.erb --- a/app/views/problems/_form.html.erb +++ b/app/views/problems/_form.html.erb @@ -2,7 +2,8 @@


-<%= text_field 'problem', 'name' %>

+<%= text_field 'problem', 'name' %> Do not directly edit the problem name, unless you know what you are doing. If you want to change the name, use the name change button in the problem management menu instead. +


<%= text_field 'problem', 'full_name' %>

diff --git a/app/views/problems/show.html.erb b/app/views/problems/show.html.erb --- a/app/views/problems/show.html.erb +++ b/app/views/problems/show.html.erb @@ -21,4 +21,4 @@

<%= link_to 'Edit', :action => 'edit', :id => @problem %> | -<%= link_to 'Back', :action => 'list' %> +<%= link_to 'Back', problems_path %>