current page views count: 43559. is it really interesting?
If so, let's walk through what I did(since GH guys told me they fixed it)
1. we have relations. Let me imagine what gh got inside of app:
class PublicKey <..
that means that table public_keys got user_id:Integer field.
So what we need to do is to create new Public key in your account.
and paste it and then submit. Then press edit on fresh-created public key and, e.g. open webinspector to add new field, like below:
input type=hidden value=USER_ID name=public_key[user_id]
so for my stupid prank I used USER_ID which i got at
id = 4223
then press update.
So, what goes on on back end? I can guess:
@pk = PublicKey.find(params[:id])
@pk.update_attributes(params[:public_key]) #Oh no! We passed public_key[user_id] of our victim!
after that procedure your victim got your public key. Enjoy your pushing