fix(security): fix pervasive IDOR - force JWT user identity in 9 endpoints, fix host injection, exception leaks, wallet auth

2026-06-17 06:22:41 +03:00
parent 4a9e6b22c5
commit d6f29802e0
9 changed files with 67 additions and 33 deletions
--- a/backend/ride/rides/add_ride.php
+++ b/backend/ride/rides/add_ride.php
@@ -57,7 +57,9 @@ $start_location = filterRequest("start_location");
 $end_location = filterRequest("end_location");
 $price = filterRequest("price");
 $price_token = filterRequest("price_token");
-$passenger_id = filterRequest("passenger_id");
+
+// Force passenger_id from JWT — never trust user-supplied passenger_id
+$passenger_id = $user_id;
 $driver_id = filterRequest("driver_id") ?: 0;
 $status = filterRequest("status");
 $price_for_driver = filterRequest("price_for_driver");