Explanation

All the SQL Queries used in the project are not sanitised. This makes it highly susceptible to SQL injection attacks. We need to sanitise all queries before they are passed to the database. We do not expect you to sanitise all of the queries since that would take too much time and would be lengthy. Sanitise all queries from the login page to the home page. This includes all the pages that come in between in the flow, including the register page, forgot password, etc.

Possible Way To Fix It

Use pattern matching/ text parsing specific to the context to sanitise the SQL queries. Another way is to use the sanitisation feature of SQLAlchemy

Resources

SQLAlchemy Sanitisation

Bounty Points: 40 to 80 Depending on the number of queries sanitised and the amount of login/code required.

• You can sanitize a small subset of queries and get lower bounties.[The issue will remain open until majority of sql queries are sanitized.

Explanation

We send out emails on the forgot password screen, OTP during registration, and for every purchase. These emails are just plain text and look very bland. We need to use HTML styling to make our emails look better. Feel free to use your creativity!

Possible way to fix it

Use HTML attributes to make the email look better. Use bold text, colours, images etc., it is totally up to your creativity :) When you're done, get the HTML code and replace them in the place of the plain text that we have now. As far as I know, this should make the final email display in HTML formatting. Perform good testing before submitting your PR.

Maintainers Knowledge

You can use online HTML designers to make our emails. There are drag-and-drop editors available online that are amazing. Explore them!

Initial time for open access: 20 Mins

Maximum allowed block time: 2Hrs

Bounty Points: 50 to 60 depending on your design

Explanation

All the SQL Queries used in the project are not sanitised. This makes it highly susceptible to SQL injection attacks. We need to sanitise all queries before they are passed to the database. We do not expect you to sanitise all of the queries since that would take too much time and would be lengthy. Sanitise all queries in the pages connected to the home page. This includes Items Page, Selling Page, Sell Page and the transactions. This issue has higher points awarded since it involves a higher number of pages.

Possible Way To Fix It

Use pattern matching/ text parsing specific to the context to sanitise the SQL queries. Another way is to use the sanitisation feature of SQLAlchemy

Resources

SQLAlchemy Sanitisation

Bounty Points: 40 - 80 Depending on the number of queries sanitised and the amount of login/code required.

Explanation

The repository now looks really messy with all the assets just askew in the root folder. We need to move them to their respective folders. One folder for all the .ui files, one for the images and other assets.

Possible way to fix it

• Move all the files to their respective folders.
• Change references IN the .ui files to the images (The .ui files contain references to the images used on that page. When we move the files, this gets affected and it has to be reconfigured in Qt Designer by opening the files one by one)
• Change references in main.py

Resources

Qt Documentation
Revert back to maintainer in case of any doubts :)

Time for Open Access: 20 Mins

Max allowed block time: 1Hr 30Mins

Bounty Points: 69

About

The current implementation uses imagekitio for all image storage. This is not ideal as everytime an image is changed, we have to purge the cache on imagekit's servers. Migrate this to use the firebase cloud storage.

Resources

This will require me to give you the project's firebase API keys. Aproach the maintainer for the same

Bounty 100

Explanation

The 'connected to server message' now is just 'Successfully Connected To Online Server'. Change that to 'Successfully connected to online SQL server.

Bounty Points

20 points

Hi @anuragrao04! 👋

Thank you for installing DevApe! 👨🏽‍💻🦍 I wanted to let you know I'm ready for use. Here's what I can do for you:

🔧 Create custom rules for your repository

• Tag me (@DevApeAI) in a comment with your desired rules.
• I will enforce these rules during pull request reviews.

🚨 When a new Pull Request is created...

• I automatically review it for code quality, security vulnerabilities, and compliance with your custom rules.

📊 When a new Issue is created...

• I provide AI-powered insights and suggestions to help resolve the issue faster.
• I can also auto-label and prioritize issues based on their content and context.

💬 Whenever you need assistance...

• Tag me (@DevApeAI) in a comment anywhere in your repository.
• I can answer questions about your codebase, provide code snippets, documentation links, and more!

If you have any questions or need support, feel free to reach out at [email protected].

Let's build amazing things together! 🚀