staffmanager

Commit Graph

Author	SHA1	Message	Date
Miguel Nogueira	5f1f92a9ce	Code review This commit fixes some superficial instances of Broken Access Control (https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A5-Broken_Access_Control). There may be some more instances of this, as authorization was only done after most of the controllers were done (big mistake). Some refactoring was also performed, where Route Model Binding with DI (dependency injection) was used whenever possible, to increase testability of the codebase. Some reused code was also moved to Helper classes as to enforce DRY; There may be some lines of code that are still copy-pasted from other parts of the codebase for reuse. Non-breaking refactoring changes were made, but the app as a whole still needs full manual testing, and customised responses to HTTP 500 responses. Some errors are also not handled gracefully and this wasn't checked in this commit.	2020-07-16 21:21:28 +01:00
Miguel Nogueira	7cf056f57e	Switch custom Guzzle integration for Laravel's HTTP facade Commit also adds config options to the example file.	2020-05-02 20:18:56 +01:00
Miguel Nogueira	3bd773e2d3	Added main page This commit adds the main page (incl. breadcrumbs), a license file, a contact form (with recaptcha) and a captcha config file.	2020-04-27 07:28:00 +01:00

Author

SHA1

Message

Date

Miguel Nogueira

5f1f92a9ce

Code review

This commit fixes some superficial instances of Broken Access Control 
(https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A5-Broken_Access_Control).
There may be some more instances of this, as authorization was only done 
after most of the controllers were done (big mistake).

Some refactoring was also performed, where Route Model Binding with DI 
(dependency injection) was used whenever possible, to increase 
testability of the codebase.
Some reused code was also moved to Helper classes as to enforce DRY; 
There may be some lines of code that are still copy-pasted from other 
parts of the codebase for reuse.

Non-breaking refactoring changes were made, but the app as a whole still 
needs full manual testing, and customised responses to HTTP 500 
responses. Some errors are also not handled gracefully and this wasn't 
checked in this commit.

2020-07-16 21:21:28 +01:00

Miguel Nogueira

7cf056f57e

Switch custom Guzzle integration for Laravel's HTTP facade

Commit also adds config options to the example file.

2020-05-02 20:18:56 +01:00

Miguel Nogueira

3bd773e2d3

Added main page

This commit adds the main page (incl. breadcrumbs), a license file, a contact form (with recaptcha) and a captcha config file.

2020-04-27 07:28:00 +01:00

3 Commits