From 94e9fc5ac4ede1b44e5c047cd88720b894f65a78 Mon Sep 17 00:00:00 2001
From: James Fleming <jflemingprod@gmail.com>
Date: Sat, 6 Jul 2013 23:21:27 +0200
Subject: [PATCH] Use strong params in profiles_controller

---
 app/controllers/profiles_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb
index ef1ec28e4..c82b1f43b 100644
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@@ -33,7 +33,7 @@ class ProfilesController < ApplicationController
 
   def update
     # upload and set new profile photo
-    @profile_attrs = params[:profile] || {}
+    @profile_attrs = params.require(:profile).permit(:first_name, :last_name, :gender, :bio, :location, :searchable, :tag_string, :nsfw, :date => [:year, :month, :day]) || {}
     
     munge_tag_string