Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55 Commits 2 Branches 0 Tags
2c56d2f41e63b39764ad6c260672a55a3d5eaea0
Commit Graph

3 Commits

Author SHA1 Message Date
Hamza-Ayed
e51d266a0f Fix #17: SQL injection + mass data exposure (backend) 
- Fixed SQL injection in ride/license/get.php (interpolated variable → parameterized query)
- Added admin role checks to all 3 mass data endpoints (driver tokens, passenger tokens, phones+tokens)
- Added pagination (50/page) to all 4 mass data endpoints
- Fixed LIMIT to use placeholders with type binding
 2026-06-17 07:45:35 +03:00
Hamza-Ayed
4a9e6b22c5 fix(security): add role checks to 7 admin endpoints, fix undefined vars in admin_update_passenger, add input validation to send_whatsapp 2026-06-17 06:19:47 +03:00
Hamza-Ayed
d8901e1a87 first commit 2026-06-09 08:40:31 +03:00