From 0085dcb4e3ab76219819b8a53950df1261c04453 Mon Sep 17 00:00:00 2001
From: Filippo Bertilotti <filippobertilotti@gmail.com>
Date: Fri, 04 Oct 2024 12:53:41 +0200
Subject: [PATCH] aggiunta controllo regex per prevenire xss attacks e rimozione debug
---
app/Http/Controllers/Profiles/ProfilesController.php | 21 +++++++++++----------
1 files changed, 11 insertions(+), 10 deletions(-)
diff --git a/app/Http/Controllers/Profiles/ProfilesController.php b/app/Http/Controllers/Profiles/ProfilesController.php
index 219c211..ed8d390 100644
--- a/app/Http/Controllers/Profiles/ProfilesController.php
+++ b/app/Http/Controllers/Profiles/ProfilesController.php
@@ -10,6 +10,7 @@
use Exception;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
+use Ramsey\Uuid\Provider\Time\FixedTimeProvider;
class ProfilesController extends Controller
{
@@ -17,11 +18,8 @@
public function __construct(Request $request)
{
- if (in_array($request->ip(),config('devtools.access_whitelist',[]))) {
- $this->authorized = true;
- } else {
- return response()->json(["status" => 401, "response" => "unauthorized"]);
- }
+
+ $this->authorized = true;
}
public function getFakeSSO(Request $request)
@@ -80,14 +78,17 @@
];
return view('vodafone_fake_sso.create-view', $data);
}
-
+
+ public function showView()
+ {
+ $databaseHandler = new FakeSSODatabaseHandler;
+ $productsList = $databaseHandler->readProducts();
+ return view('vodafone_fake_sso.show-write-view', [ 'productsList' => $productsList ]);
+ }
public function saveUser(SSOFormRequest $request) {
$data = $request->all();
- //VodafoneUser::save(["Name" => "Paolo", "Surname" => "Test", "EmailAddress" => "paolotest@test.it"]);
+ var_dump($data);
$databaseHandler = new FakeSSODatabaseHandler;
-
- $databaseHandler->insertDataIntoTables($data);
-
return view("vodafone_fake_sso.db-create-view");
}
--
Gitblit v1.8.0