I'm going through one of the Rails tutorials, during a section on user validations, I keep getting an error telling me my password confirmations can't be blank when editing/creating a user. I looked through previous answers and it looks like people used attr_accessible, which was pulled out of rails. I'm a total rails/web dev newb so I'm not sure how to proceed. The view is in HAML, sorry if that's bad practice.

Model

class User < ActiveRecord::Base

  before_save { self.email = email.downcase }
  attr_accessor :name, :email
  validates_confirmation_of :password
  has_secure_password


  validates :name, presence: true, length:{ maximum: 16 }

  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i

  validates :email, presence: true, format: { with: VALID_EMAIL_REGEX },
    uniqueness: { case_sensitive: false }

  validates :password, length: { minimum: 6 }


  has_one :profile
  has_many :posts


  end

View

= form_for(@user) do |f|
  - if @user.errors.any?
    #error_explanation
      %h2
        = pluralize(@user.errors.count, "error")
        prohibited this username from being saved:
      %ul
        - @user.errors.full_messages.each do |msg|
          %li= msg

  .field
    = f.label :name
    = f.text_field :name   

  .field
    = f.label :email
    =f.text_field :email       

  .field
    = f.label :password
    = f.password_field :password

    = f.label :password_confirmation
    = f.password_field :password_confirmation

  .actions
    = f.submit

Since your using rails 4, take a look at your strong params settings and make sure that password_confirmation is permitted.

This is a new feature in rails 4: http://edgeapi.rubyonrails.org/classes/ActionController/StrongParameters.html