Fix vulnerable.

app/controllers/admin/diplomas_controller.rb

@@ -14,7 +14,7 @@ class Admin::DiplomasController < OrbitMemberController
   end
 
   def new
-    @member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
+    @member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
     @diploma = Diploma.new
 
     if params[:desktop]
@@ -139,7 +139,7 @@ class Admin::DiplomasController < OrbitMemberController
   end
 
   def frontend_setting
-    @member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
+    @member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
     @intro = DiplomaIntro.find_by(:member_profile_id=>@member.id) rescue nil
     @intro = @intro.nil? ? DiplomaIntro.new({:member_profile_id=>@member.id}) : @intro
   end

app/controllers/personal_diplomas_controller.rb

@@ -58,7 +58,7 @@ class PersonalDiplomasController < ApplicationController
 
   def show
     params = OrbitHelper.params
-    plugin = Diploma.where(:is_hidden=>false).find_by(uid: params[:uid])
+    plugin = Diploma.where(:is_hidden=>false).find_by(uid: params[:uid].to_s)
 
     fields_to_show = [
       "name",