parkerslingshotrentals

myron/parkerslingshotrentals

Fork 0

mirror of https://github.com/myronblair/parkerslingshotrentals synced 2026-06-30 17:50:31 -05:00

Commit Graph

Author	SHA1	Message	Date
myron	bb21fca399	Security: block direct upload access, fix view-doc path traversal guard - uploads/.htaccess: deny all direct web access to uploaded customer docs - admin/view-doc.php: add realpath() path-traversal check (mirrors view-doc.php) - admin/view-doc.php: remove dead double-query (result was always overwritten) - .gitignore: uploads/* wildcard so .htaccess can be tracked	2026-06-13 14:20:41 +00:00

Author

SHA1

Message

Date

myron

bb21fca399

Security: block direct upload access, fix view-doc path traversal guard

- uploads/.htaccess: deny all direct web access to uploaded customer docs
- admin/view-doc.php: add realpath() path-traversal check (mirrors view-doc.php)
- admin/view-doc.php: remove dead double-query (result was always overwritten)
- .gitignore: uploads/* wildcard so .htaccess can be tracked

2026-06-13 14:20:41 +00:00

1 Commits