Warning: foreach() argument must be of type array|object, null given in /var/www/html/CRM/security_audit.php on line 161
Starting security audit...
Scanning: /var/www/html/CRM
Excluding: vendor, node_modules, .git, logs, uploads, fpdf, PHPMailer
=======================================================================
SECURITY AUDIT REPORT
=======================================================================
Summary:
Files scanned: 186
Issues found: 1199
Critical: 0
High: 887
Medium: 273
Low: 39
----------------------------------------------------------------------
HIGH SEVERITY ISSUES (887)
----------------------------------------------------------------------
File: create_cj_user.php
Line: 168
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
{$email} ({$userName})
";
Example: echo $user_input;
File: create_cj_user.php
Line: 178
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
{$email} ({$userName})
";
Example: echo $user_input;
File: create_cj_user.php
Line: 179
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
✅ Role updated successfully from {$oldRole} to {$role}
";
Example: echo $user_input;
File: create_cj_user.php
Line: 185
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
{$email}
";
Example: echo $user_input;
File: create_cj_user.php
Line: 207
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Email: {$email}
";
Example: echo $user_input;
File: create_cj_user.php
Line: 208
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Name: {$firstName} {$lastName}
";
Example: echo $user_input;
File: create_cj_user.php
Line: 209
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Role: {$role}
";
Example: echo $user_input;
File: create_cj_user.php
Line: 210
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Status: {$status}
";
Example: echo $user_input;
File: create_cj_user.php
Line: 214
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Email:{$email}
";
Example: echo $user_input;
File: create_cj_user.php
Line: 215
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Temporary Password:{$tempPassword}
";
Example: echo $user_input;
File: create_cj_user.php
Line: 224
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
{$email}
";
Example: echo $user_input;
File: create_cj_user.php
Line: 268
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
✅ Successfully created: {$createdCount} user(s)
";
Example: echo $user_input;
File: create_cj_user.php
Line: 271
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
✅ Successfully updated: {$successCount} user(s)
";
Example: echo $user_input;
File: create_cj_user.php
Line: 274
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
ℹ️ Already set: {$alreadySetCount} user(s)
";
Example: echo $user_input;
File: create_cj_user.php
Line: 277
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
❌ Errors: {$errorCount} user(s)
";
Example: echo $user_input;
File: js/session_monitor.js
Line: 143
Issue: innerHTML with template literal
Description: innerHTML assignment with template literal that may contain unescaped data
Code: warningModal.innerHTML = `
Example: element.innerHTML = `
${userData}
`;
File: fast_track_leads.php
Line: 165
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: if (qr.id == ) {
Example: echo $user_input;
File: setup_customer_files_table.php
Line: 129
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "Successful statements: $successCount\n";
Example: echo $user_input;
File: setup_customer_files_table.php
Line: 130
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "Failed statements: $errorCount\n\n";
Example: echo $user_input;
File: setup_customer_files_table.php
Line: 142
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "✓ Verified: Table has $columnCount columns\n";
Example: echo $user_input;
File: setup_customer_files_table.php
Line: 149
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "✓ Verified: Table has $indexCount indexes\n";
Example: echo $user_input;
File: complete_application.php
Line: 682
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: const userPrimaryCity = ;
Example: echo $user_input;
File: reset_password.php
Line: 141
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: reset_password.php
Line: 143
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: incomplete_customers.php
Line: 126
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: incomplete_customers.php
Line: 2465
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: const staffId = ;
Example: echo $user_input;
File: notes_audit_report.php
Line: 279
Issue: Direct HTML output without escaping
Description: Short echo tag with unescaped variable
Code:
Example: <?= $user_input ?>
File: notes_audit_report.php
Line: 279
Issue: Direct HTML output without escaping
Description: Short echo tag with unescaped variable
Code:
Example: <?= $user_input ?>
File: notes_audit_report.php
Line: 279
Issue: Direct HTML output without escaping
Description: Short echo tag with unescaped variable
Code:
Example: <?= $user_input ?>
File: notes_audit_report.php
Line: 283
Issue: Direct HTML output without escaping
Description: Short echo tag with unescaped variable
Code:
<?= $pass ?>
Passed
Example: <?= $user_input ?>
File: notes_audit_report.php
Line: 284
Issue: Direct HTML output without escaping
Description: Short echo tag with unescaped variable
Code:
<?= $warn ?>
Warnings
Example: <?= $user_input ?>
File: notes_audit_report.php
Line: 285
Issue: Direct HTML output without escaping
Description: Short echo tag with unescaped variable
Code:
<?= $fail ?>
Failed
Example: <?= $user_input ?>
File: notes_audit_report.php
Line: 286
Issue: Direct HTML output without escaping
Description: Short echo tag with unescaped variable
Code:
<?= $pass + $warn + $fail ?>
Total Checks
Example: <?= $user_input ?>
File: create_admin_user.php
Line: 154
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Email: {$email}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 155
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Name: {$userName}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 156
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Role: {$oldRole}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 167
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Email: {$email}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 168
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Name: {$userName}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 169
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Previous Role: {$oldRole}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 205
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Email: {$email}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 206
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Name: {$firstName} {$lastName}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 207
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Role: {$role}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 208
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Status: {$status}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 209
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
User ID: {$userId}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 215
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Email:{$email}
";
Example: echo $user_input;
File: create_admin_user.php
Line: 216
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "
Password:{$tempPassword}
";
Example: echo $user_input;
File: setup_co_applicant_fields.php
Line: 49
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "Successful statements: $successCount\n";
Example: echo $user_input;
File: setup_co_applicant_fields.php
Line: 50
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo "Failed statements: $errorCount\n";
Example: echo $user_input;
File: qr_codes.php
Line: 102
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo json_encode($data);
Example: echo $user_input;
File: dashboard.php
Line: 496
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 503
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 765
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 788
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 788
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 807
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 812
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 812
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 831
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 836
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 836
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 861
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 866
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 866
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 894
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 899
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 899
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1170
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1204
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1382
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1383
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1384
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1385
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1386
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1417
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1418
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1419
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1444
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1445
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1446
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1494
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1495
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1496
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1497
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1498
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1499
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1500
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1501
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1502
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1503
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1504
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1505
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1522
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1523
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1524
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1525
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1526
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1527
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1528
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1529
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1530
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1531
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1532
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1533
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1542
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1543
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1544
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1545
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1637
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: class="h-4 w-4 text-ahsti-blue border-slate-300 focus:ring-ahsti-light-blue" onchange="toggleEmploymentYears()" />
Example: echo $user_input;
File: dashboard.php
Line: 1641
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: class="h-4 w-4 text-ahsti-blue border-slate-300 focus:ring-ahsti-light-blue" onchange="toggleEmploymentYears()" />
Example: echo $user_input;
File: dashboard.php
Line: 1667
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1671
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1672
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1673
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1674
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1675
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1676
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1677
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1694
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: class="h-4 w-4 text-ahsti-blue border-slate-300 focus:ring-ahsti-light-blue" onchange="toggleCoApplicantDetails()" />
Example: echo $user_input;
File: dashboard.php
Line: 1698
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: class="h-4 w-4 text-ahsti-blue border-slate-300 focus:ring-ahsti-light-blue" onchange="toggleCoApplicantDetails()" />
Example: echo $user_input;
File: dashboard.php
Line: 1705
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1729
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1730
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1731
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1732
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1757
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 1758
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code:
Example: echo $user_input;
File: dashboard.php
Line: 2019
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo $document['status'] === 'approved' ? 'bg-green-100' :
Example: echo $user_input;
File: dashboard.php
Line: 2024
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo $document['status'] === 'approved' ? 'text-green-600' :
Example: echo $user_input;
File: dashboard.php
Line: 2035
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: MB •
Example: echo $user_input;
File: dashboard.php
Line: 2042
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: echo $document['status'] === 'approved' ? 'bg-green-100 text-green-800' :
Example: echo $user_input;
File: dashboard.php
Line: 2048
Issue: Unescaped echo with variable
Description: Direct echo of variables without htmlspecialchars or escape_html
Code: