From 0085dcb4e3ab76219819b8a53950df1261c04453 Mon Sep 17 00:00:00 2001 From: Filippo Bertilotti <filippobertilotti@gmail.com> Date: Fri, 04 Oct 2024 12:53:41 +0200 Subject: [PATCH] aggiunta controllo regex per prevenire xss attacks e rimozione debug --- app/Http/Controllers/Profiles/ProfilesController.php | 22 +++++++++------------- 1 files changed, 9 insertions(+), 13 deletions(-) diff --git a/app/Http/Controllers/Profiles/ProfilesController.php b/app/Http/Controllers/Profiles/ProfilesController.php index b563a8c..ed8d390 100644 --- a/app/Http/Controllers/Profiles/ProfilesController.php +++ b/app/Http/Controllers/Profiles/ProfilesController.php @@ -10,6 +10,7 @@ use Exception; use Illuminate\Http\Request; use Illuminate\Support\Facades\DB; +use Ramsey\Uuid\Provider\Time\FixedTimeProvider; class ProfilesController extends Controller { @@ -17,11 +18,8 @@ public function __construct(Request $request) { - if (in_array($request->ip(),config('devtools.access_whitelist',[]))) { - $this->authorized = true; - } else { - return response()->json(["status" => 401, "response" => "unauthorized"]); - } + + $this->authorized = true; } public function getFakeSSO(Request $request) @@ -81,18 +79,16 @@ return view('vodafone_fake_sso.create-view', $data); } - public function writeView() + public function showView() { - return view('vodafone_fake_sso.write-view'); + $databaseHandler = new FakeSSODatabaseHandler; + $productsList = $databaseHandler->readProducts(); + return view('vodafone_fake_sso.show-write-view', [ 'productsList' => $productsList ]); } - public function saveUser(SSOFormRequest $request) { $data = $request->all(); - //VodafoneUser::save(["Name" => "Paolo", "Surname" => "Test", "EmailAddress" => "paolotest@test.it"]); - //$databaseHandler = new FakeSSODatabaseHandler; - print_r($data); - //$databaseHandler->insertDataIntoTables($data); - + var_dump($data); + $databaseHandler = new FakeSSODatabaseHandler; return view("vodafone_fake_sso.db-create-view"); } -- Gitblit v1.8.0