146 Commits

Author SHA1 Message Date
Naiel
2f6721e657 Merge pull request #10 from Axia4/copilot/restrict-safe-filename-characters
Harden path validation and file handling against directory traversal attacks
2026-02-19 10:35:31 +01:00
Naiel
516c9a645d Delete .github/workflows/main.yml 2026-02-19 10:33:56 +01:00
copilot-swe-agent[bot]
ffb74751a3 Sync safe_filename implementation across files for consistency
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-19 09:33:47 +00:00
copilot-swe-agent[bot]
1c5533c13d Address code review findings - add username validation and fix edge cases
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-19 09:32:46 +00:00
copilot-swe-agent[bot]
c9b5a1058f Apply security fixes for path validation and file handling
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-19 09:31:25 +00:00
Naiel
c8c9c10293 Add GitHub Actions workflow for PHP security checks 2026-02-19 10:30:46 +01:00
copilot-swe-agent[bot]
99898e8736 Initial plan 2026-02-19 09:28:40 +00:00
naielv
98f430188c Enhance security and input sanitization across multiple files
- Added a new tools.security.php file containing functions for sanitizing filenames, paths, and user inputs to prevent directory traversal and XSS attacks.
- Updated various files to utilize the new sanitization functions (Sf, Si) for user inputs and file operations, ensuring safer handling of data.
- Improved HTML output safety by applying htmlspecialchars to user-generated content in pre-body.php, cal.php, and other relevant files.
- Refactored user authentication and data retrieval processes in tools.auth.php and _login.php to enhance security and maintainability.
- Ensured consistent use of sanitization functions in API endpoints and admin functionalities to mitigate potential security vulnerabilities.
2026-02-18 23:22:58 +01:00
Naiel
a6ebede883 update 2026-02-18 14:01:42 +00:00
Naiel
ce318a7322 Add Comedor API to manage menus and menu types 2026-02-18 13:45:37 +00:00
Naiel
1e6f6be18f Add diario.php for student diary management and update images
- Created a new file `diario.php` to manage and display student diaries.
- Implemented user permission checks to restrict access to docentes.
- Added functionality to list students and their diary entries based on selected aulario.
- Included validation for directory paths and error handling for missing data.
- Updated images `alumnos.png` and `yo.png` in the static assets.
2026-02-18 11:38:48 +00:00
naielv
51fd926065 Update the authentication configuration and improve session management 2026-02-17 14:33:51 +01:00
naielv
8f45eac632 Update the search form action to a new endpoint 2026-02-16 01:12:16 +01:00
Naiel
12add1cd3f Add PAGE_TITLE variable to customize titles on the club pages 2026-02-15 20:14:31 +00:00
Naiel
5e3bbe45ba Fix JavaScript function call and update onclick handler 2026-02-14 15:08:04 +01:00
Naiel
618fc6679b Escape special characters in alumno name 2026-02-14 15:02:02 +01:00
Naiel
c8e6c617e2 Fix student selection announcement and data structure 2026-02-14 14:52:20 +01:00
Naiel
73687ef617 Change link from javascript:void(0) to # 2026-02-14 14:41:38 +01:00
Naiel
f0976a9f2f Merge pull request #9 from Axia4/copilot/add-quien-soy-flow
Add student self-identification flow and CRUD management to Panel Diario
2026-02-14 14:35:45 +01:00
copilot-swe-agent[bot]
b8b605cff0 Improve accessibility and file handling in CRUD
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:30:42 +00:00
copilot-swe-agent[bot]
f13c0725ec Fix security issues in alumnos.php CRUD page
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:28:57 +00:00
copilot-swe-agent[bot]
53b11caea1 Add CRUD page for student management (alumnos.php)
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:27:14 +00:00
copilot-swe-agent[bot]
9067df28ed Fix HTTP status code for parameter validation
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:21:57 +00:00
copilot-swe-agent[bot]
b5d71a473d Add realpath validation and accessibility improvements
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:21:09 +00:00
copilot-swe-agent[bot]
a3eeda2dc5 Fix security issues in ¿Quién soy? flow
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:19:56 +00:00
copilot-swe-agent[bot]
302992c10b Add ¿Quién soy? flow to Panel Diario
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:18:22 +00:00
copilot-swe-agent[bot]
ec309d4aac Initial plan 2026-02-14 13:14:50 +00:00
Naiel
22c4c09303 Refactor menu styles to include header context 2026-02-14 12:04:20 +01:00
Naiel
cdb54a0670 Generate and store a random password for the user when signing in with Google 2026-02-13 12:33:32 +00:00
Naiel
8339c1e2ea Update Docker configuration and improve Google authentication at login 2026-02-13 12:30:29 +00:00
Naiel
00ba9f3f01 update 2026-02-13 09:36:25 +00:00
Naiel
28770f9650 add manifest 2026-02-13 09:31:45 +00:00
naielv
30fce4b5a9 v2.0,0 - Refactor code structure for improved readability and maintainability 2026-02-13 01:56:00 +01:00
Naiel
4efda27840 add notice 2026-02-11 19:35:33 +01:00
Naiel
356cf32f38 Remove unnecessary line break in actividades section for cleaner layout 2026-02-06 23:31:10 +00:00
Naiel
b3ff425609 Remove unnecessary environment variable from Docker Compose and tidy comments for clarity 2026-02-06 23:25:19 +00:00
Naiel
5834650273 Enhance Dockerfile with opcache configuration and update PHP extension installation; improve project description in proyectos.php; remove unused lazo.php file 2026-02-06 23:23:04 +00:00
Naiel
3de8329868 Update login form action and ensure pre-body is included correctly in comedor 2026-02-06 23:10:23 +00:00
Naiel
c2d4074ac7 Merge pull request #8 from Axia4/copilot/fix-menu-types-list
Add delete and rename operations for menu types in EntreAulas Comedor
2026-02-06 15:02:53 +01:00
copilot-swe-agent[bot]
8527c8f08e Address code review feedback - improve security and code clarity
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-06 13:50:06 +00:00
copilot-swe-agent[bot]
6027ceb227 Add delete and rename functionality for menu types
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-06 13:41:57 +00:00
copilot-swe-agent[bot]
e1e500aacc Initial plan 2026-02-06 13:40:21 +00:00
Naiel
4e7fb6e150 add delete btn 2026-02-03 13:44:49 +00:00
Naiel
33f97a77a3 fix 2026-02-02 10:20:31 +00:00
naielv
9799d8534d update 2026-02-01 23:02:39 +01:00
naielv
d306991d7c fix lwdc 2026-02-01 22:05:09 +01:00
naielv
6620980f02 Finished (for now) projects module, with secure PDF viewer. 2026-02-01 14:18:37 +01:00
naielv
de6cddf722 update 2026-02-01 03:11:45 +01:00
copilot-swe-agent[bot]
4e362f8a05 Fix misleading comments and improve clarity of permission level messages
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-01-31 20:40:21 +00:00
copilot-swe-agent[bot]
83d254fd99 Implement approval workflow for request_edit permission level
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-01-31 20:39:14 +00:00