From 760662de868c0311f2e40a5e6f8982a521a3d990 Mon Sep 17 00:00:00 2001
From: Mikhail Dieterle <MikDiet@gmail.com>
Date: Fri, 19 Jul 2013 10:54:24 +0300
Subject: [PATCH] use strong_params in example

---
 guides/source/engines.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/guides/source/engines.md b/guides/source/engines.md
index bc66ed256e..d8120fe244 100644
--- a/guides/source/engines.md
+++ b/guides/source/engines.md
@@ -393,10 +393,15 @@ The form will be making a `POST` request to `/posts/:post_id/comments`, which wi
 ```ruby
 def create
   @post = Post.find(params[:post_id])
-  @comment = @post.comments.create(params[:comment])
+  @comment = @post.comments.create(comment_params)
   flash[:notice] = "Comment has been created!"
   redirect_to posts_path
 end
+
+private
+def comment_params
+  params.require(:comment).permit(:text)
+end
 ```
 
 This is the final part required to get the new comment form working. Displaying the comments however, is not quite right yet. If you were to create a comment right now you would see this error: