Mirror/filesafe
1
0
Fork 0
mirror of https://github.com/BobbyWibowo/lolisafe.git synced 2024-12-14 00:16:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
36763c2a77
filesafe/controllers
History
Bobby Wibowo 36763c2a77
Security fix 
Replaced all instances of DB .whereRaw with their much safer equivalent
methods.

All previous usages of .whereRaw were vulnerable to SQL injections,
cause we were passing the data directly.

Fortunately, they were only used in API routes that required staff
(moderators included) accounts.

---

Updated dependency:
helmet: 3.21.1 -> 3.21.2
2019-10-22 10:52:52 +07:00
..
albumsController.js Updated 2019-10-07 06:11:07 +07:00
authController.js Updated 2019-10-07 06:11:07 +07:00
pathsController.js Updated 2019-09-28 16:42:49 +07:00
permissionController.js !!! MASSIVE OVERHAUL !!! 2019-09-08 08:56:29 +07:00
tokenController.js Updates (very important to read) 2019-09-15 13:20:11 +07:00
uploadController.js Security fix 2019-10-22 10:52:52 +07:00
utilsController.js Security fix 2019-10-22 10:52:52 +07:00