Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
51 Commits 2 Branches 0 Tags
50a5308f43b872a4095488840d18fe49ec82c63d
Commit Graph

4 Commits

Author SHA1 Message Date
Hamza-Ayed
50a5308f43 Fix #20: DDL removal from register.php, CORS policy, secret leak 
- Removed ALTER TABLE DDL statements from Admin/auth/register.php (belongs in migration scripts)
- Added validated CORS with configurable allowed origins via CORS_ALLOWED_ORIGINS env var
- Removed  assignment in load_env.php (secrets no longer exposed in superglobal)
 2026-06-17 07:51:01 +03:00
Hamza-Ayed
72eeb24cd7 Fix #18: Exception leak remediation across 87 PHP files 
- Replaced all client-facing $e->getMessage() with generic error messages
- Added error_log() with filename prefix to all catch blocks
- Covered jsonError(), echo, and json_encode() response patterns
- Also fixed 2 remaining display_errors=1 and add_invoice.php leak
- Script-assisted fix for 75 files, manual fix for 12 remaining edge cases
 2026-06-17 07:48:31 +03:00
Hamza-Ayed
f907212c57 Update: 2026-06-12 20:40:40 2026-06-12 20:40:40 +03:00
Hamza-Ayed
d8901e1a87 first commit 2026-06-09 08:40:31 +03:00