mirror of
https://github.com/getnamingo/registry.git
synced 2025-07-13 22:35:08 +02:00
Small security fixes, not urgent
This commit is contained in:
parent
d54c6f8f52
commit
0a0d30d5a0
5 changed files with 14 additions and 7 deletions
|
@ -74,6 +74,8 @@ class Logger extends \Monolog\Logger
|
|||
try {
|
||||
$mail = new PHPMailer(true);
|
||||
$mail->isSMTP();
|
||||
$mailToAddress = $_ENV['MAIL_TO_ADDRESS'] ?? null;
|
||||
|
||||
$mail->Host = $_ENV['MAIL_HOST'];
|
||||
$mail->SMTPAuth = true;
|
||||
$mail->Username = $_ENV['MAIL_USERNAME'];
|
||||
|
@ -81,7 +83,11 @@ class Logger extends \Monolog\Logger
|
|||
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
|
||||
$mail->Port = $_ENV['MAIL_PORT'];
|
||||
$mail->setFrom($_ENV['MAIL_FROM_ADDRESS'], $_ENV['MAIL_FROM_NAME']);
|
||||
$mail->addAddress($_ENV['MAIL_TO_ADDRESS']); // Send to admin email
|
||||
if (!$mailToAddress) {
|
||||
error_log("MAIL_TO_ADDRESS is missing, skipping recipient.");
|
||||
} else {
|
||||
$mail->addAddress($mailToAddress);
|
||||
}
|
||||
|
||||
// Attach PHPMailer to Monolog
|
||||
$mailerHandler = new PHPMailerHandler($mail);
|
||||
|
|
|
@ -24,6 +24,7 @@ MAIL_USERNAME=username
|
|||
MAIL_PASSWORD=password
|
||||
MAIL_ENCRYPTION=tls
|
||||
MAIL_FROM_ADDRESS='example@domain.com'
|
||||
MAIL_TO_ADDRESS='example@domain.com'
|
||||
MAIL_FROM_NAME='Example'
|
||||
MAIL_API_KEY='test-api-key'
|
||||
MAIL_API_PROVIDER='sendgrid'
|
||||
|
|
|
@ -77,8 +77,8 @@ function setupLogger($logFilePath, $channelName = 'app') {
|
|||
}
|
||||
|
||||
function isIpWhitelisted($ip, $pdo) {
|
||||
$stmt = $pdo->prepare("SELECT COUNT(*) FROM registrar_whitelist WHERE addr = ?");
|
||||
$stmt->execute([$ip]);
|
||||
$stmt = $pdo->prepare("SELECT COUNT(*) FROM registrar_whitelist WHERE addr = :ip");
|
||||
$stmt->execute(['ip' => $ip]);
|
||||
$count = $stmt->fetchColumn();
|
||||
return $count > 0;
|
||||
}
|
||||
|
|
|
@ -137,8 +137,8 @@ function mapContactToVCard($contactDetails, $role, $c) {
|
|||
}
|
||||
|
||||
function isIpWhitelisted($ip, $pdo) {
|
||||
$stmt = $pdo->prepare("SELECT COUNT(*) FROM registrar_whitelist WHERE addr = ?");
|
||||
$stmt->execute([$ip]);
|
||||
$stmt = $pdo->prepare("SELECT COUNT(*) FROM registrar_whitelist WHERE addr = :ip");
|
||||
$stmt->execute(['ip' => $ip]);
|
||||
$count = $stmt->fetchColumn();
|
||||
return $count > 0;
|
||||
}
|
||||
|
|
|
@ -89,8 +89,8 @@ function parseQuery($data) {
|
|||
}
|
||||
|
||||
function isIpWhitelisted($ip, $pdo) {
|
||||
$stmt = $pdo->prepare("SELECT COUNT(*) FROM registrar_whitelist WHERE addr = ?");
|
||||
$stmt->execute([$ip]);
|
||||
$stmt = $pdo->prepare("SELECT COUNT(*) FROM registrar_whitelist WHERE addr = :ip");
|
||||
$stmt->execute(['ip' => $ip]);
|
||||
$count = $stmt->fetchColumn();
|
||||
return $count > 0;
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue