fix(payroll): Refactor /collect endpoint and add To-Do.md

This commit addresses several issues in the `/collect` endpoint to improve its security and robustness. It also introduces a `To-Do.md` file as requested by the user.

Key changes:
- Refactored the `/collect` endpoint to use a single database transaction, preventing data inconsistencies.
- Fixed SQL injection vulnerabilities by converting all database queries to use parameterized statements.
- Corrected a `TypeError` by ensuring the `COLLECT_COOLDOWN` configuration variable is always an integer.
- Updated transaction logging to record 'SYSTEM' as the source of funds for salary collections, instead of a "NULL" string.
- Added a `To-Do.md` file with suggestions for future features, including an automated payroll system, user transaction history, and an admin panel.

parent
277d974ffe
commit
a2d76db373
3 changed files with 67 additions and 42 deletions
|
|
@ -18,4 +18,4 @@ class Config:
|
|||
|
||||
# Admin
|
||||
ADMIN_KEY = os.getenv('ADMIN_KEY')
|
||||
COLLECT_COOLDOWN = os.getenv('COLLECT_COOLDOWN')
|
||||
COLLECT_COOLDOWN = int(os.getenv('COLLECT_COOLDOWN', 24))
|
||||
|
|
|
|||
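Review bot: the added `COLLECT_COOLDOWN = int(os.getenv('COLLECT_COOLDOWN', 24))` line converts the raw environment value with no validation, so a variable that is set but empty or non-numeric raises `ValueError` while the `Config` class body is evaluated instead of falling back to 24, and a zero or negative value is accepted unchanged. Suggest moving the parse into a small helper that catches `ValueError`, falls back to the default, and rejects values below a sensible minimum, so that a bad deployment setting cannot silently change how the cooldown behaves. The default would also read more consistently as the string `'24'`, since `os.getenv` otherwise returns strings, and a short comment stating the unit of the value would help whoever sets it.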