From 944c29b96429ec95ac1371cb33cc43704a60c7b1 Mon Sep 17 00:00:00 2001
From: Igor Scheller <igor.scheller@igorshp.de>
Date: Tue, 20 Nov 2018 16:02:03 +0100
Subject: Require POST for sending forms

* Ensure that the form is submitted with a post request
* Replaced several links with forms

Closes #494 (Security Vulnerability)
---
 includes/pages/user_questions.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'includes/pages/user_questions.php')

diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php
index 9027ada7..19999577 100644
--- a/includes/pages/user_questions.php
+++ b/includes/pages/user_questions.php
@@ -43,7 +43,7 @@ function user_questions()
         switch ($request->input('action')) {
             case 'ask':
                 $question = strip_request_item_nl('question');
-                if ($question != '') {
+                if ($question != '' && $request->hasPostData('submit')) {
                     DB::insert('
                         INSERT INTO `Questions` (`UID`, `Question`)
                         VALUES (?, ?)
@@ -60,7 +60,11 @@ function user_questions()
                 }
                 break;
             case 'delete':
-                if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
+                if (
+                    $request->has('id')
+                    && preg_match('/^\d{1,11}$/', $request->input('id'))
+                    && $request->hasPostData('submit')
+                ) {
                     $question_id = $request->input('id');
                 } else {
                     return error(__('Incomplete call, missing Question ID.'), true);
-- 
cgit v1.2.3-54-g00ecf