diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 8834b5d0..0691ae9b 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,11 +2,8 @@ class ApplicationController < ActionController::Base
   protect_from_forgery
   
   helper :all
-  
   before_filter :set_locale
   
-  filter_parameter_logging :password
-  
   Liquid::Template.register_filter(SnippetFilter)
   
   def render_liquid_page
diff --git a/app/models/user.rb b/app/models/user.rb
index 478f2588..612d4705 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -3,7 +3,7 @@ class User
  
   devise :authenticatable, :recoverable, :rememberable, :trackable
   
-  # key :use_attributes
+  key :use_attributes, Array
   
   def method_missing(method)
     safe_read(method)
diff --git a/app/views/layouts/admin.html.erb b/app/views/layouts/admin.html.erb
index 1dcb952c..54c76a1c 100644
--- a/app/views/layouts/admin.html.erb
+++ b/app/views/layouts/admin.html.erb
@@ -11,6 +11,7 @@
     <%= stylesheet_link_tag "ie", :media => "screen, projection" %>
   <![endif]-->
   <%= yield :page_specific_css %>
+  <%= csrf_meta_tag %>
 </head>
 <body>
 <div id="container">
diff --git a/app/views/layouts/panel.html.erb b/app/views/layouts/panel.html.erb
index af33440b..26127ae2 100644
--- a/app/views/layouts/panel.html.erb
+++ b/app/views/layouts/panel.html.erb
@@ -11,6 +11,7 @@
     <%= stylesheet_link_tag "ie", :media => "screen, projection" %>
   <![endif]-->
   <%= yield :page_specific_css %>
+  <%= csrf_meta_tag %>
 </head>
 <body>
 <div id="container">
diff --git a/app/views/panel/users/_form.html.erb b/app/views/panel/users/_form.html.erb
index 1be9e60e..0f14962b 100644
--- a/app/views/panel/users/_form.html.erb
+++ b/app/views/panel/users/_form.html.erb
@@ -1,4 +1,19 @@
+<div id="select_user_attributes">
+    <% @user_attributes.each do |ua| %>
+        <%= check_box_tag "user[use_attributes][]", ua.key,  @user.use_attributes.include?(ua.key) %> <%= ua.name %>
+    <% end -%>
+    <%= hidden_field_tag 'user[use_attributes][]','' %>
+</div>
+
+<div>
+<p>
+    <%= f.label :email %>
+    <%= f.text_field :email %>
+</p>
+</div>
+
 <% @user_attributes.each do |ua| %>
+<div id="attribute_<%= ua.key %>"<%= raw(' style="display: none;"') unless @user.use_attributes.include?(ua.key) %>>
     <h3><%= ua.name %></h3>
     
     <% ua.attrs.each do |attr|  %>
@@ -7,9 +22,15 @@
         <%= f.send(attr["type"], "#{ua.key}_#{attr["key"]}" )%>
     </p>
     <% end -%>
+</div>
 <% end -%>
 
-<p>
-    <%= f.label :email %>
-    <%= f.text_field :email %>
-</p>
\ No newline at end of file
+<% content_for :page_specific_javascript do %>
+<script type="text/javascript" charset="utf-8">
+    $(document).ready(function(){
+        $('#select_user_attributes input').click(function(){
+            $("#attribute_"+this.value).toggle();
+        });
+    });
+</script>
+<% end -%>
\ No newline at end of file