mirror/opensourcepos
1
0
Fork 0
mirror of https://github.com/opensourcepos/opensourcepos.git synced 2026-04-17 13:31:07 -04:00
Code Issues Packages Projects Releases Wiki Activity
6,695 Commits 88 Branches 39 Tags
165c3351eb8bed4e32863d8da71a7f718dfbf9be
Commit Graph

5 Commits

Author SHA1 Message Date
Ollama
8da4aff262 fix(security): prevent command injection in sendmail path configuration 
Add validation for the mailpath POST parameter to prevent command injection
attacks. The path is validated to only allow alphanumeric characters,
underscores, dashes, forward slashes, and dots.

- Required mailpath when protocol is "sendmail"
- Validates format for all non-empty mailpath values
- Blocks common injection vectors: ; | & ` $() spaces newlines
- Added mailpath_invalid translation to all 43 language files
- Simplified validation logic to avoid redundant conditions

Files changed:
- app/Controllers/Config.php: Add regex validation with protocol check
- app/Language/*/Config.php: Add mailpath_invalid error message (43 languages)
- tests/Controllers/ConfigTest.php: Unit tests for validation
 2026-04-06 18:37:07 +00:00
BudsieBuds
e83c23cf0c Improve code style and PSR-12 compliance (#4204) 
* Improve code style and PSR-12 compliance
- refactored code formatting to adhere to PSR-12 guidelines
- standardized coding conventions across the codebase
- added missing framework files and reverted markup changes
- reformatted arrays for enhanced readability
- updated language files for consistent styling and clarity
- minor miscellaneous improvements
 2025-05-02 19:37:06 +02:00
objecttothis
e90b5b87da Replace tabs with spaces (#4196) 
Signed-off-by: objecttothis <objecttothis@gmail.com>
 2025-03-28 21:24:21 +04:00
jekkos
b4d117011a Add CI4 language migration scripts (#3468) 2024-06-15 17:19:15 +02:00
jekkos
828fd639b2 Porting over 4f3226b 2024-06-15 17:19:15 +02:00