http://blog.coryfoy.com/2008/01/putting-choices-in-an-html-select-does-not-mean-you-cant-get-hacked/ It's all about delivering Thu, 09 Feb 2012 07:42:54 +0000 hourly 1 http://wordpress.org/?v=3.2.1 http://blog.coryfoy.com/2008/01/putting-choices-in-an-html-select-does-not-mean-you-cant-get-hacked/comment-page-1/#comment-89 ben-scofield Thu, 31 Jan 2008 08:20:00 +0000 http://blog.cornetdesign.com/?p=92#comment-89 FYI, there's an even easier way to get around the drop-down menu of options. If you're running Firefox, Firebug and the Web Developer Toolbar both allow you to edit forms on a page, adding fields and/or values willy-nilly. Incidentally, this is the Best Reason Evar to add attr_accessible to your Rails models - nothing worse than having someone add a <input type="text" name="user[administrator]" value="1" /> to their registration form... FYI, there’s an even easier way to get around the drop-down menu of options. If you’re running Firefox, Firebug and the Web Developer Toolbar both allow you to edit forms on a page, adding fields and/or values willy-nilly. Incidentally, this is the Best Reason Evar to add attr_accessible to your Rails models – nothing worse than having someone add a
to their registration form…

]]>