PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
fad38f4e0d35e8835e7ca0016e3831bd1c3ffc57
xamxam/TODO.md
Pontoporeia 053f09b181 fix(migration): deduplicate languages before LOWER() in 025_lowercase_languages.sql 
Two rows (Néerlandais id=5, néerlandais id=3) collided when lowercased,
violating the UNIQUE constraint on languages.name.

Added DELETE to keep the lowest-ID row per LOWER(name) group before
the UPDATE SET name = LOWER(name).
2026-06-08 10:17:00 +02:00

8 lines
628 B
Markdown
Raw Blame History

# TODO
- [x] Fix `account.php`: replace `!==` CSRF token check with `hash_equals` (constant-time comparison)
- [x] Fix `ShareLink::setPassword()`: also encrypt and store plain-text password, matching `create()` behavior
- [x] Audit: confirm all remaining credential comparison sites use constant-time `hash_equals` or `password_verify`
- [x] Fix `.gitignore`: anchor `vendor/` to root (`/vendor/`) so `app/public/assets/js/vendor/` (htmx, OverType, FilePond) is tracked
- [x] Fix migration `025_lowercase_languages.sql`: deduplicate languages before LOWER() to avoid UNIQUE constraint violation (`Néerlandais`/`néerlandais`)
Reference in New Issue View Git Blame Copy Permalink