Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security enhancement: Users should be created and edited via the ORM in UserEditor.php #7071

Open
DAcodedBEAT opened this issue Jun 12, 2024 · 3 comments
Open

Security enhancement: Users should be created and edited via the ORM in UserEditor.php #7071

DAcodedBEAT opened this issue Jun 12, 2024 · 3 comments
Labels
enhancement good first issue Indicates a good issue for first-time contributors php Pull requests that update Php code Security Stale

Comments

@DAcodedBEAT
Copy link
Contributor

Is your feature request related to a problem? Please describe.

UserEditor.php still manually crafts a SQL string for data insertion. Using the ORM enforces OOP and implicitly uses prepared statements, which prevents SQL injection attacks

Describe the solution you'd like

Use the ORM in UserEditor.php
@DAcodedBEAT DAcodedBEAT added enhancement Security php Pull requests that update Php code labels Jun 12, 2024
@DAcodedBEAT DAcodedBEAT mentioned this issue Jun 12, 2024
Merged
12 tasks
@DAcodedBEAT DAcodedBEAT added the good first issue Indicates a good issue for first-time contributors label Jun 14, 2024
@DAcodedBEAT DAcodedBEAT changed the title Security enhancement: Users are created and edited via the ORM in UserEditor.php Security enhancement: Users should be created and edited via the ORM in UserEditor.php Jul 23, 2024
@github-actions GitHub Actions
Copy link
Contributor

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

@github-actions github-actions bot added the Stale label Sep 10, 2024
@DAcodedBEAT DAcodedBEAT removed the Stale label Sep 10, 2024
@github-actions GitHub Actions
Copy link
Contributor

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

@github-actions github-actions bot added the Stale label Oct 11, 2024
@DAcodedBEAT DAcodedBEAT removed the Stale label Oct 11, 2024
@github-actions GitHub Actions
Copy link
Contributor

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

@github-actions github-actions bot added the Stale label Nov 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement good first issue Indicates a good issue for first-time contributors php Pull requests that update Php code Security Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DAcodedBEAT