Hamza-Ayed e51d266a0f Fix #17: SQL injection + mass data exposure (backend) ...

- Fixed SQL injection in ride/license/get.php (interpolated variable → parameterized query)
- Added admin role checks to all 3 mass data endpoints (driver tokens, passenger tokens, phones+tokens)
- Added pagination (50/page) to all 4 mass data endpoints
- Fixed LIMIT to use placeholders with type binding

2026-06-17 07:45:35 +03:00

2.9 KiB

Raw Permalink Blame History

View Raw