Add profile feature, input sanitization, and stronger security checks

Backend:
- app/core/sanitize.py: shared sanitize_str, normalize_email, validate_phone,
  validate_date_of_birth — applied to every user-supplied DB-bound input
- app/schemas/user.py: sanitize full_name, normalize email on UserCreate
- app/models/profile.py: profiles table (position, phone, dob, address, updated_at)
- app/models/user.py: Profile back-ref, is_superuser admin-role comment
- app/schemas/profile.py: ProfileRead/ProfileUpdate with full sanitization
- app/routers/profile.py: GET+PUT /api/profile/me (lazy profile creation)
- app/main.py: register /api/profile router
- alembic migration 676084df61d1: create profiles table

Frontend:
- components/Nav.tsx: shared nav (Dashboard | Profile | Logout)
- pages/ProfilePage.tsx: profile view + inline edit form with error handling
- pages/DashboardPage.tsx: use Nav component
- api/client.ts: ProfileData type, getProfile, updateProfile
- App.tsx: /profile private route

Security:
- scripts/security_check.py: tighter SQL injection patterns (f-string/format/%
  in execute/query/text()), new SANIT category for raw request→DB patterns

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

backend/app/core/sanitize.py

@@ -0,0 +1,74 @@
+"""
+Input sanitization utilities.
+
+Every string that originates from user input and is destined for the database
+MUST pass through these helpers before reaching a SQLAlchemy model or query.
+SQLAlchemy's ORM already uses bound parameters (no raw SQL), so these helpers
+address the layer above: ensuring data is well-formed, length-capped, and free
+of null bytes or control characters before it is stored.
+"""
+
+import re
+import unicodedata
+from datetime import date
+
+# ── Constants ─────────────────────────────────────────────────────────────────
+
+_PHONE_RE = re.compile(r"^\+?[\d\s\-()\[\]]{7,20}$")
+
+# ── Core helper ───────────────────────────────────────────────────────────────
+
+
+def sanitize_str(value: str | None, max_len: int = 255) -> str | None:
+    """Strip whitespace, reject null bytes and non-printable control characters,
+    enforce a maximum length.  Returns None unchanged so optional fields work
+    naturally with ``Optional[str]`` annotations."""
+    if value is None:
+        return None
+
+    # Strip leading/trailing whitespace
+    value = value.strip()
+
+    # Reject null bytes (common injection vector)
+    if "\x00" in value:
+        raise ValueError("Input must not contain null bytes")
+
+    # Reject ASCII control characters (0x01–0x1F, 0x7F) except tab/newline/CR
+    # which may appear in multi-line fields.  Use Unicode category 'Cc'.
+    for ch in value:
+        if unicodedata.category(ch) == "Cc" and ch not in ("\t", "\n", "\r"):
+            raise ValueError("Input contains invalid control characters")
+
+    if len(value) > max_len:
+        raise ValueError(f"Input must not exceed {max_len} characters")
+
+    return value if value != "" else None
+
+
+def normalize_email(value: str) -> str:
+    """Lowercase and strip an email address."""
+    return value.strip().lower()
+
+
+def validate_phone(value: str | None) -> str | None:
+    """Sanitize then validate phone number format."""
+    value = sanitize_str(value, max_len=20)
+    if value is None:
+        return None
+    if not _PHONE_RE.match(value):
+        raise ValueError(
+            "Phone number may only contain digits, spaces, +, -, (, ) and [ ] "
+            "and must be 7–20 characters"
+        )
+    return value
+
+
+def validate_date_of_birth(value: date | None) -> date | None:
+    """Reject obviously invalid birth dates (before 1900 or in the future)."""
+    if value is None:
+        return None
+    if value.year < 1900:
+        raise ValueError("Date of birth must be 1900 or later")
+    if value > date.today():
+        raise ValueError("Date of birth must not be in the future")
+    return value