diff options
author | Igor Scheller <igor.scheller@igorshp.de> | 2018-11-20 16:02:03 +0100 |
---|---|---|
committer | msquare <msquare@notrademark.de> | 2018-11-21 19:24:36 +0100 |
commit | 944c29b96429ec95ac1371cb33cc43704a60c7b1 (patch) | |
tree | 7be99e68d8c15fc7e210a4b3ccc44861a8d1de64 /includes/pages/guest_login.php | |
parent | fd37c9d60ea818dc9a562fa88ff5f9a50132506f (diff) |
Require POST for sending forms
* Ensure that the form is submitted with a post request
* Replaced several links with forms
Closes #494 (Security Vulnerability)
Diffstat (limited to 'includes/pages/guest_login.php')
-rw-r--r-- | includes/pages/guest_login.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 5c3193f8..e1c6dfa4 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -79,7 +79,7 @@ function guest_register() ]); } - if ($request->has('submit')) { + if ($request->hasPostData('submit')) { $valid = true; if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 1) { @@ -388,7 +388,7 @@ function guest_login() $session->remove('uid'); - if ($request->has('submit')) { + if ($request->hasPostData('submit')) { if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 0) { $nick = User_validate_Nick($request->input('nick')); $login_user = User::whereName($nick)->first(); |