Hamza-Ayed
72eeb24cd7
Fix #18 : Exception leak remediation across 87 PHP files
...
- Replaced all client-facing $e->getMessage() with generic error messages
- Added error_log() with filename prefix to all catch blocks
- Covered jsonError(), echo, and json_encode() response patterns
- Also fixed 2 remaining display_errors=1 and add_invoice.php leak
- Script-assisted fix for 75 files, manual fix for 12 remaining edge cases
2026-06-17 07:48:31 +03:00
Hamza-Ayed
d6f29802e0
fix(security): fix pervasive IDOR - force JWT user identity in 9 endpoints, fix host injection, exception leaks, wallet auth
2026-06-17 06:22:41 +03:00
Hamza-Ayed
b516fbc4ed
Update: 2026-06-16 17:47:17
2026-06-16 17:47:19 +03:00
Hamza-Ayed
c0fe990ebe
Update: 2026-06-16 02:52:06
2026-06-16 02:52:06 +03:00
Hamza-Ayed
2c657fa0b4
Update: 2026-06-16 02:14:34
2026-06-16 02:14:35 +03:00
Hamza-Ayed
fc58529b09
Update: 2026-06-16 01:17:28
2026-06-16 01:17:29 +03:00
Hamza-Ayed
04943e3d52
Update: 2026-06-15 19:39:21
2026-06-15 19:39:21 +03:00
Hamza-Ayed
2321b78244
Update: 2026-06-15 01:37:40
2026-06-15 01:37:41 +03:00
Hamza-Ayed
f021ba5a35
Update: 2026-06-14 22:10:07
2026-06-14 22:10:08 +03:00
Hamza-Ayed
f907212c57
Update: 2026-06-12 20:40:40
2026-06-12 20:40:40 +03:00
Hamza-Ayed
727068b668
Update: 2026-06-11 18:22:57
2026-06-11 18:22:59 +03:00
Hamza-Ayed
c5170a88d2
Update: 2026-06-11 13:47:39
2026-06-11 13:47:40 +03:00
Hamza-Ayed
977adfe99d
Update: 2026-06-10 18:11:50
2026-06-10 18:11:50 +03:00
Hamza-Ayed
d8901e1a87
first commit
2026-06-09 08:40:31 +03:00
