LotusGuild/tinker_tickets
3
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
55209e0b05b561fac755279c2798c719fc3a2d42
tinker_tickets/api
History
Jared Vititoe fa40010287 Security hardening and performance improvements 
- Add visibility check to attachment downloads (prevents unauthorized access)
- Fix ticket ID collision with uniqueness verification loop
- Harden CSP: replace unsafe-inline with nonce-based script execution
- Add IP-based rate limiting (supplements session-based)
- Add visibility checks to bulk operations
- Validate internal visibility requires groups
- Optimize user activity query (JOINs vs subqueries)
- Update documentation with design decisions and security info

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-28 20:27:15 -05:00
..
add_comment.php
Implement comprehensive improvement plan (Phases 1-6)
2026-01-20 09:55:01 -05:00
assign_ticket.php
Implement comprehensive improvement plan (Phases 1-6)
2026-01-20 09:55:01 -05:00
audit_log.php
better filtering and searching
2026-01-09 11:20:27 -05:00
bulk_operation.php
Security hardening and performance improvements
2026-01-28 20:27:15 -05:00
check_duplicates.php
Implement comprehensive improvement plan (Phases 1-6)
2026-01-20 09:55:01 -05:00
custom_fields.php
Implement comprehensive improvement plan (Phases 1-6)
2026-01-20 09:55:01 -05:00
delete_attachment.php
fix: Fix delete_attachment.php AuditLogModel calls
2026-01-20 17:00:54 -05:00
delete_comment.php
feat: Comment edit/delete, auto-link URLs, markdown tables, mobile fixes
2026-01-24 16:59:29 -05:00
download_attachment.php
Security hardening and performance improvements
2026-01-28 20:27:15 -05:00
export_tickets.php
fix: Resolve multiple UI and API bugs
2026-01-20 15:16:14 -05:00
generate_api_key.php
feat: Add 9 new features for enhanced UX and security
2026-01-23 10:01:50 -05:00
get_template.php
feat: Add 9 new features for enhanced UX and security
2026-01-23 10:01:50 -05:00
get_users.php
refactor: Code cleanup and documentation updates
2026-01-23 22:01:20 -05:00
manage_recurring.php
Implement comprehensive improvement plan (Phases 1-6)
2026-01-20 09:55:01 -05:00
manage_templates.php
Fix template priority field name and improve admin form styling
2026-01-26 11:21:29 -05:00
manage_workflows.php
Implement comprehensive improvement plan (Phases 1-6)
2026-01-20 09:55:01 -05:00
revoke_api_key.php
feat: Add 9 new features for enhanced UX and security
2026-01-23 10:01:50 -05:00
saved_filters.php
feat: Add CSRF protection to assign and filter APIs
2026-01-09 12:33:23 -05:00
ticket_dependencies.php
feat: Add 9 new features for enhanced UX and security
2026-01-23 10:01:50 -05:00
update_comment.php
feat: Comment edit/delete, auto-link URLs, markdown tables, mobile fixes
2026-01-24 16:59:29 -05:00
update_ticket.php
Security hardening and performance improvements
2026-01-28 20:27:15 -05:00
upload_attachment.php
fix: Fix upload_attachment.php AuditLogModel call
2026-01-20 17:01:42 -05:00
user_preferences.php
feat: Add CSRF protection to user preferences API
2026-01-09 12:34:45 -05:00