Hamza-Ayed
e51d266a0f
Fix #17 : SQL injection + mass data exposure (backend)
- Fixed SQL injection in ride/license/get.php (interpolated variable → parameterized query)
- Added admin role checks to all 3 mass data endpoints (driver tokens, passenger tokens, phones+tokens)
- Added pagination (50/page) to all 4 mass data endpoints
- Fixed LIMIT to use placeholders with type binding
2026-06-17 07:45:35 +03:00
Hamza-Ayed
4a9e6b22c5
fix(security): add role checks to 7 admin endpoints, fix undefined vars in admin_update_passenger, add input validation to send_whatsapp
2026-06-17 06:19:47 +03:00
Hamza-Ayed
9bbda24d4a
fix(security): add .gitignore, remove PEM keys and debug endpoints from tracking
2026-06-17 06:17:03 +03:00
Hamza-Ayed
b516fbc4ed
Update: 2026-06-16 17:47:17
2026-06-16 17:47:19 +03:00
Hamza-Ayed
fc58529b09
Update: 2026-06-16 01:17:28
2026-06-16 01:17:29 +03:00
Hamza-Ayed
04943e3d52
Update: 2026-06-15 19:39:21
2026-06-15 19:39:21 +03:00
Hamza-Ayed
2321b78244
Update: 2026-06-15 01:37:40
2026-06-15 01:37:41 +03:00
Hamza-Ayed
f021ba5a35
Update: 2026-06-14 22:10:07
2026-06-14 22:10:08 +03:00
Hamza-Ayed
f907212c57
Update: 2026-06-12 20:40:40
2026-06-12 20:40:40 +03:00
Hamza-Ayed
ef6b52d2e3
Update: 2026-06-12 01:23:54
2026-06-12 01:23:54 +03:00
Hamza-Ayed
c5170a88d2
Update: 2026-06-11 13:47:39
2026-06-11 13:47:40 +03:00
Hamza-Ayed
d8901e1a87
first commit
2026-06-09 08:40:31 +03:00