Require POST for sending forms

* Ensure that the form is submitted with a post request * Replaced several links with forms Closes #494 (Security Vulnerability)
author: Igor Scheller <igor.scheller@igorshp.de> 2018-11-20 16:02:03 +0100
committer: msquare <msquare@notrademark.de> 2018-11-21 19:24:36 +0100
commit: 944c29b96429ec95ac1371cb33cc43704a60c7b1 (patch)
tree: 7be99e68d8c15fc7e210a4b3ccc44861a8d1de64 /includes/pages/guest_login.php
parent: fd37c9d60ea818dc9a562fa88ff5f9a50132506f (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
index 5c3193f8..e1c6dfa4 100644
--- a/includes/pages/guest_login.php
+++ b/includes/pages/guest_login.php
@@ -79,7 +79,7 @@ function guest_register()
         ]);
     }
 
-    if ($request->has('submit')) {
+    if ($request->hasPostData('submit')) {
         $valid = true;
 
         if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 1) {
@@ -388,7 +388,7 @@ function guest_login()
 
     $session->remove('uid');
 
-    if ($request->has('submit')) {
+    if ($request->hasPostData('submit')) {
         if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 0) {
             $nick = User_validate_Nick($request->input('nick'));
             $login_user = User::whereName($nick)->first();
author	Igor Scheller <igor.scheller@igorshp.de>	2018-11-20 16:02:03 +0100
committer	msquare <msquare@notrademark.de>	2018-11-21 19:24:36 +0100
commit	944c29b96429ec95ac1371cb33cc43704a60c7b1 (patch)
tree	7be99e68d8c15fc7e210a4b3ccc44861a8d1de64 /includes/pages/guest_login.php
parent	fd37c9d60ea818dc9a562fa88ff5f9a50132506f (diff)