fix(security): fix login AND logic to OR, add signup input validation, separate OTP rate limit keys

Hamza-Ayed
2026-06-17 07:05:58 +03:00
parent 70c06edd71
commit 1a9619f9f8
3 changed files with 38 additions and 7 deletions


@@ -12,6 +12,24 @@ $gender = filterRequest("gender");
$birthdate = filterRequest("birthdate");
$site = filterRequest("site");
// --- Input Validation ---
if (empty($phone) || strlen(preg_replace('/\D+/', '', $phone)) < 8) {
jsonError("Valid phone number is required.");
exit;
}
if (!empty($email) && !filter_var($email, FILTER_VALIDATE_EMAIL)) {
jsonError("Valid email address is required.");
exit;
}
if (empty($password) || strlen($password) < 6) {
jsonError("Password must be at least 6 characters.");
exit;
}
if (empty($first_name) || empty($last_name)) {
jsonError("First name and last name are required.");
exit;
}
// تشفير البيانات الحساسة
$phone = $encryptionHelper->encryptData($phone);
$email = $encryptionHelper->encryptData($email);
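Review bot: The phone check measures a digits-only copy, but the raw `$phone` is what reaches `encryptData()` just below, so a constructed value such as `abc12345678`, or an arbitrarily long string, passes validation and is stored exactly as submitted. The same number written in different formats would then produce different stored values, which presumably weakens any duplicate-account lookup or per-phone OTP rate limit keyed on it; that code is outside this hunk, so confirm against it. Normalise once and validate the normalised value with an upper bound, for example `$phone = preg_replace('/\D+/', '', (string) $phone);` followed by `if (strlen($phone) < 8 || strlen($phone) > 15) { jsonError("Valid phone number is required."); exit; }`, adjusting the canonical form if existing records keep a leading `+`. Separately, `strlen($password) < 6` counts bytes, so three Arabic characters satisfy it; `mb_strlen($password, 'UTF-8')` with a higher minimum would match the stated intent.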