Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security enhancement: Users should be created and edited via the ORM in UserEditor.php #7071

Open
DAcodedBEAT opened this issue Jun 12, 2024 · 3 comments
Labels
enhancement good first issue Indicates a good issue for first-time contributors php Pull requests that update Php code Security

Comments

@DAcodedBEAT
Copy link
Contributor

Is your feature request related to a problem? Please describe.

UserEditor.php still manually crafts a SQL string for data insertion. Using the ORM enforces OOP and implicitly uses prepared statements, which prevents SQL injection attacks

Describe the solution you'd like

Use the ORM in UserEditor.php

@DAcodedBEAT DAcodedBEAT added enhancement Security php Pull requests that update Php code labels Jun 12, 2024
@DAcodedBEAT DAcodedBEAT added the good first issue Indicates a good issue for first-time contributors label Jun 14, 2024
@DAcodedBEAT DAcodedBEAT changed the title Security enhancement: Users are created and edited via the ORM in UserEditor.php Security enhancement: Users should be created and edited via the ORM in UserEditor.php Jul 23, 2024
Copy link
Contributor

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

Copy link
Contributor

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

Copy link
Contributor

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement good first issue Indicates a good issue for first-time contributors php Pull requests that update Php code Security
Projects
None yet
Development

No branches or pull requests

1 participant