From 944c29b96429ec95ac1371cb33cc43704a60c7b1 Mon Sep 17 00:00:00 2001
From: Igor Scheller <igor.scheller@igorshp.de>
Date: Tue, 20 Nov 2018 16:02:03 +0100
Subject: Require POST for sending forms

* Ensure that the form is submitted with a post request
* Replaced several links with forms

Closes #494 (Security Vulnerability)
---
 includes/controller/event_config_controller.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'includes/controller/event_config_controller.php')

diff --git a/includes/controller/event_config_controller.php b/includes/controller/event_config_controller.php
index 79c276e4..e9b27cba 100644
--- a/includes/controller/event_config_controller.php
+++ b/includes/controller/event_config_controller.php
@@ -35,7 +35,7 @@ function event_config_edit_controller()
     /** @var Carbon $teardown_end_date */
     $teardown_end_date = $config->get('teardown_end');
 
-    if ($request->has('submit')) {
+    if ($request->hasPostData('submit')) {
         $valid = true;
 
         if ($request->has('event_name')) {
-- 
cgit v1.2.3-54-g00ecf