1ef4d06627
Major security improvements: - Added CSRF token generation, validation, and cleanup functions - Implemented comprehensive input validators (email, phone, name, date, amount, ID, file uploads) - Added rate limiting with login attempt tracking and account lockout (5 failures = 15 min lockout) - Implemented session fixation protection with session_regenerate_id() and 30-min timeout - Fixed SQL injection in getResultFromTable() with whitelisted columns/tables - Added audit logging for security events - Applied CSRF validation to all 7 process_*.php files - Applied input validation to critical endpoints (login, registration, bookings, application) - Created database migration for login_attempts, audit_log tables and locked_until column Modified files: - functions.php: +500 lines of security functions - validate_login.php: Added CSRF, rate limiting, session hardening - register_user.php: Added CSRF, input validation, registration rate limiting - process_*.php (7 files): Added CSRF token validation - Created migration: 001_phase1_security_schema.sql Next steps: Add CSRF tokens to form templates, harden file uploads, create testing checklist
48 lines
2.2 KiB
SQL
48 lines
2.2 KiB
SQL
-- ============================================================================
|
|
-- MIGRATION: Phase 1 Security & Stability Database Schema Updates
|
|
-- Date: 2025-12-03
|
|
-- Description: Add tables and columns required for Phase 1 security features
|
|
-- (login rate limiting, account lockout, audit logging)
|
|
-- ============================================================================
|
|
|
|
-- Track failed login attempts for rate limiting and account lockout
|
|
CREATE TABLE IF NOT EXISTS login_attempts (
|
|
attempt_id BIGINT PRIMARY KEY AUTO_INCREMENT,
|
|
email VARCHAR(255) NOT NULL,
|
|
ip_address VARCHAR(45) NOT NULL,
|
|
attempted_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
success BOOLEAN DEFAULT FALSE,
|
|
INDEX idx_email_ip (email, ip_address),
|
|
INDEX idx_attempted_at (attempted_at)
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
-- Add account lockout column to users table
|
|
-- Stores the timestamp until which the account is locked
|
|
-- NULL = account not locked, Future datetime = account locked until this time
|
|
ALTER TABLE users ADD COLUMN locked_until DATETIME NULL DEFAULT NULL AFTER is_verified;
|
|
CREATE INDEX idx_locked_until ON users (locked_until);
|
|
|
|
-- Security audit log for sensitive operations
|
|
DROP TABLE IF EXISTS `audit_log`;
|
|
CREATE TABLE IF NOT EXISTS audit_log (
|
|
log_id BIGINT PRIMARY KEY AUTO_INCREMENT,
|
|
user_id INT NULL,
|
|
action VARCHAR(100) NOT NULL COMMENT 'e.g., LOGIN, FAILED_LOGIN, ACCOUNT_LOCKED, FILE_UPLOAD',
|
|
resource_type VARCHAR(50) COMMENT 'e.g., users, bookings, payments',
|
|
resource_id INT COMMENT 'ID of affected resource',
|
|
ip_address VARCHAR(45) NOT NULL,
|
|
user_agent TEXT NULL,
|
|
details TEXT COMMENT 'JSON or text details about the action',
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
INDEX idx_user_id (user_id),
|
|
INDEX idx_action (action),
|
|
INDEX idx_created_at (created_at)
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
-- ============================================================================
|
|
-- ROLLBACK INSTRUCTIONS (if needed)
|
|
-- ============================================================================
|
|
-- ALTER TABLE users DROP COLUMN locked_until;
|
|
-- DROP TABLE IF EXISTS login_attempts;
|
|
-- DROP TABLE IF EXISTS audit_log;
|