Commit Graph

101 Commits

Author SHA1 Message Date
Naiel
c5ad2c7cb4 Merge pull request #11 from Axia4/copilot/add-file-sanitization-function
Security: filename sanitization, MIME validation, atomic writes, and path deduplication in file/user management
2026-02-19 21:08:57 +01:00
copilot-swe-agent[bot]
a095c91f5e Security: comprehensive filename sanitization, MIME validation, atomic file writes, and path deduplication
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-19 14:55:12 +00:00
copilot-swe-agent[bot]
414f7db7d1 Initial plan 2026-02-19 14:51:43 +00:00
Naiel
192002880a Refactor input sanitization functions and improve file path handling across multiple files
- Introduced `safe_id_segment`, `safe_centro_id`, and `safe_aulario_config_path` functions to sanitize input and construct file paths securely.
- Updated `index.php`, `paneldiario.php`, `proyectos.php`, `aularios.php`, `centros.php`, `club_mkthumb.php`, `reset_password.php`, and `users.php` to utilize new sanitization functions.
- Enhanced error handling for file existence checks and directory traversal prevention.
- Ensured consistent use of safe path handling in user input across the application.
2026-02-19 14:45:51 +00:00
Naiel
905610717b Add Codacy security scan workflow
This workflow integrates Codacy security scans with GitHub Actions, checking code on push and pull requests to the main branch and scheduling regular scans.
2026-02-19 10:37:11 +01:00
Naiel
2f6721e657 Merge pull request #10 from Axia4/copilot/restrict-safe-filename-characters
Harden path validation and file handling against directory traversal attacks
2026-02-19 10:35:31 +01:00
Naiel
516c9a645d Delete .github/workflows/main.yml 2026-02-19 10:33:56 +01:00
copilot-swe-agent[bot]
ffb74751a3 Sync safe_filename implementation across files for consistency
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-19 09:33:47 +00:00
copilot-swe-agent[bot]
1c5533c13d Address code review findings - add username validation and fix edge cases
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-19 09:32:46 +00:00
copilot-swe-agent[bot]
c9b5a1058f Apply security fixes for path validation and file handling
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-19 09:31:25 +00:00
Naiel
c8c9c10293 Add GitHub Actions workflow for PHP security checks 2026-02-19 10:30:46 +01:00
copilot-swe-agent[bot]
99898e8736 Initial plan 2026-02-19 09:28:40 +00:00
naielv
98f430188c Enhance security and input sanitization across multiple files
- Added a new tools.security.php file containing functions for sanitizing filenames, paths, and user inputs to prevent directory traversal and XSS attacks.
- Updated various files to utilize the new sanitization functions (Sf, Si) for user inputs and file operations, ensuring safer handling of data.
- Improved HTML output safety by applying htmlspecialchars to user-generated content in pre-body.php, cal.php, and other relevant files.
- Refactored user authentication and data retrieval processes in tools.auth.php and _login.php to enhance security and maintainability.
- Ensured consistent use of sanitization functions in API endpoints and admin functionalities to mitigate potential security vulnerabilities.
2026-02-18 23:22:58 +01:00
Naiel
a6ebede883 update 2026-02-18 14:01:42 +00:00
Naiel
ce318a7322 Add Comedor API to manage menus and menu types 2026-02-18 13:45:37 +00:00
Naiel
1e6f6be18f Add diario.php for student diary management and update images
- Created a new file `diario.php` to manage and display student diaries.
- Implemented user permission checks to restrict access to docentes.
- Added functionality to list students and their diary entries based on selected aulario.
- Included validation for directory paths and error handling for missing data.
- Updated images `alumnos.png` and `yo.png` in the static assets.
2026-02-18 11:38:48 +00:00
naielv
51fd926065 Update authentication configuration and improve session management 2026-02-17 14:33:51 +01:00
naielv
8f45eac632 Update the search form action to a new endpoint 2026-02-16 01:12:16 +01:00
Naiel
12add1cd3f Add PAGE_TITLE variable to customize titles on the club pages 2026-02-15 20:14:31 +00:00
Naiel
5e3bbe45ba Fix JavaScript function call and update onclick handler 2026-02-14 15:08:04 +01:00
Naiel
618fc6679b Escape special characters in alumno name 2026-02-14 15:02:02 +01:00
Naiel
c8e6c617e2 Fix student selection announcement and data structure 2026-02-14 14:52:20 +01:00
Naiel
73687ef617 Change link from javascript:void(0) to # 2026-02-14 14:41:38 +01:00
Naiel
f0976a9f2f Merge pull request #9 from Axia4/copilot/add-quien-soy-flow
Add student self-identification flow and CRUD management to Panel Diario
2026-02-14 14:35:45 +01:00
copilot-swe-agent[bot]
b8b605cff0 Improve accessibility and file handling in CRUD
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:30:42 +00:00
copilot-swe-agent[bot]
f13c0725ec Fix security issues in alumnos.php CRUD page
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:28:57 +00:00
copilot-swe-agent[bot]
53b11caea1 Add CRUD page for student management (alumnos.php)
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:27:14 +00:00
copilot-swe-agent[bot]
9067df28ed Fix HTTP status code for parameter validation
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:21:57 +00:00
copilot-swe-agent[bot]
b5d71a473d Add realpath validation and accessibility improvements
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:21:09 +00:00
copilot-swe-agent[bot]
a3eeda2dc5 Fix security issues in ¿Quién soy? flow
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:19:56 +00:00
copilot-swe-agent[bot]
302992c10b Add ¿Quién soy? flow to Panel Diario
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-14 13:18:22 +00:00
copilot-swe-agent[bot]
ec309d4aac Initial plan 2026-02-14 13:14:50 +00:00
Naiel
22c4c09303 Refactor menu styles to include header context 2026-02-14 12:04:20 +01:00
Naiel
cdb54a0670 Generate and store a random password for the user when signing in with Google 2026-02-13 12:33:32 +00:00
Naiel
8339c1e2ea Update Docker configuration and improve Google authentication at login 2026-02-13 12:30:29 +00:00
Naiel
00ba9f3f01 update 2026-02-13 09:36:25 +00:00
Naiel
28770f9650 add manifest 2026-02-13 09:31:45 +00:00
naielv
30fce4b5a9 v2.0,0 - Refactor code structure for improved readability and maintainability 2026-02-13 01:56:00 +01:00
Naiel
4efda27840 add notice 2026-02-11 19:35:33 +01:00
Naiel
356cf32f38 Remove unnecessary line break in actividades section for cleaner layout 2026-02-06 23:31:10 +00:00
Naiel
b3ff425609 Remove unnecessary environment variable from Docker Compose and tidy comments for clarity 2026-02-06 23:25:19 +00:00
Naiel
5834650273 Enhance Dockerfile with opcache configuration and update PHP extension installation; improve project description in proyectos.php; remove unused lazo.php file 2026-02-06 23:23:04 +00:00
Naiel
3de8329868 Update login form action and ensure pre-body is included correctly in comedor 2026-02-06 23:10:23 +00:00
Naiel
c2d4074ac7 Merge pull request #8 from Axia4/copilot/fix-menu-types-list
Add delete and rename operations for menu types in EntreAulas Comedor
2026-02-06 15:02:53 +01:00
copilot-swe-agent[bot]
8527c8f08e Address code review feedback - improve security and code clarity
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-06 13:50:06 +00:00
copilot-swe-agent[bot]
6027ceb227 Add delete and rename functionality for menu types
Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-02-06 13:41:57 +00:00
copilot-swe-agent[bot]
e1e500aacc Initial plan 2026-02-06 13:40:21 +00:00
Naiel
4e7fb6e150 add delete btn 2026-02-03 13:44:49 +00:00
Naiel
33f97a77a3 fix 2026-02-02 10:20:31 +00:00
naielv
9799d8534d update 2026-02-01 23:02:39 +01:00