johnsonmlw wrote: [...] > I get the same problem. *Any* username or password is allowed. > > So I can enter 'foo' and no password and it let's me in. > > Odd.
Not odd at all. The problem is that == binds tighter than ||, so that user == 'admin' || 'slt' is equivalent to (user == 'admin') || 'slt' This will return true if user is 'admin', or 'slt' in any other case. It will never return false. Best, -- Marnen Laibow-Koser http://www.marnen.org [email protected] -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
