Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2d607d9e90ca682bf12875b6575cc6fe85fcab69
Siro/backend/Admin/auth
History
Hamza-Ayed 2d607d9e90 Fix #19: Plaintext OTP hashing + hardcoded server paths 
- Changed OTP storage in Admin/auth/login.php from plaintext to sha256 hash
- Updated Admin/auth/verify_login.php to hash user input before comparison
- Replaced hardcoded /home/siro-api/ paths with environment variables:
  - ERROR_LOG_PATH, ENV_FILE_PATH, SECRET_KEY_PAY_PATH, SECRET_KEY_PATH
  - Falls back to __DIR__-relative paths when env vars are unset
2026-06-17 07:49:46 +03:00
..
approve_admin.php
Fix #18: Exception leak remediation across 87 PHP files
2026-06-17 07:48:31 +03:00
list_pending.php
Fix #18: Exception leak remediation across 87 PHP files
2026-06-17 07:48:31 +03:00
login.php
Fix #19: Plaintext OTP hashing + hardcoded server paths
2026-06-17 07:49:46 +03:00
loginWallet.php
Fix #19: Plaintext OTP hashing + hardcoded server paths
2026-06-17 07:49:46 +03:00
migrate_db.php
Fix #18: Exception leak remediation across 87 PHP files
2026-06-17 07:48:31 +03:00
migration_cryptography.php
Fix #18: Exception leak remediation across 87 PHP files
2026-06-17 07:48:31 +03:00
register.php
Fix #18: Exception leak remediation across 87 PHP files
2026-06-17 07:48:31 +03:00
send_otp_admin.php
Update: 2026-06-12 20:40:40
2026-06-12 20:40:40 +03:00
verify_login.php
Fix #19: Plaintext OTP hashing + hardcoded server paths
2026-06-17 07:49:46 +03:00
verify_otp_admin.php
Update: 2026-06-12 20:40:40
2026-06-12 20:40:40 +03:00