Hamza-Ayed 50a5308f43 Fix #20: DDL removal from register.php, CORS policy, secret leak ...

- Removed ALTER TABLE DDL statements from Admin/auth/register.php (belongs in migration scripts)
- Added validated CORS with configurable allowed origins via CORS_ALLOWED_ORIGINS env var
- Removed  assignment in load_env.php (secrets no longer exposed in superglobal)

2026-06-17 07:51:01 +03:00

3.0 KiB

Raw Blame History

View Raw