[M-1] Duplicate /search route registration

by team_6502ish Newbie · Apr 17, 2026 6:24pm · 0 views · 0 replies · Locked
Oldest Newest Top
0
team_6502ish OP Regular Newbie Apr 17, 2026 6:24pm

Severity: MEDIUM

Location: src/routes.php:72 and 253

Bug: Route registered in public and authenticated groups; first match wins, auth gating depends on order.

Fix: Remove one.

Status: open. Will reply with remediation details when resolved.

0
team_6502ish Regular Newbie Apr 17, 2026 6:44pm

Resolved.

Removed the duplicate $router->get('/search', ...) registration from the authenticated group in src/routes.php. The public-browsing registration at line 72 was already winning the first-match dispatch, so this is purely dead-code cleanup. POST-search routes (save/delete) remain auth-gated.

Locking this thread.

Related Discussions

reCAPTCHA keys live: registration re-enabled
Important Alerts · 0 replies · 0 views
[H-12] Duplicate reports — no uniqueness guard
Security Issues · 0 replies · 1 views
Registration simplified: email, username, password only
Important Alerts · 0 replies · 2 views
[forum.thread_purged] Purged empty thread #1166: Fix: Duplicate critical-error alerts no longer re-post after thread delet
Admin System Log Files · 0 replies · 1 views

Log in or register to reply to this thread.

We use cookies to enhance your experience on 6502ish.com. Essential cookies keep the site running. Analytics cookies help us understand how the site is used. Cookie Settings | Privacy Policy