Log Message:
Update rails to 1.2.6.  Based on the patch provided by Geert Hendrickx.

Changes:
* Fix :cookie_only to correctly avoid session fixation attacks (CVE-2007-6077)
* Fix regression where the association would not construct new finder
  SQL on sav e causing bogus queries for "WHERE owner_id = NULL" even
  after owner was saved.