This is a common issue, and not with just Rails applications. You best bet is to design your user profile update page to not send the password. Either provide a change password page, or a separate for used specifically to change the password.
Others may have other ideas on how to deal with that. I suggest looking around at other profile update pages and see how they handle it. Ian wrote: > I'm working on an "update your profile" page. One of the fields is > the user's password. I have a couple of validation rules set up in > the user model regarding the password's minimum and maximum length and > it not being blank, etc. They work great. However, is there a way to > turn them off and not update that column if the user does not enter > anything in that field? -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
