diff options
| -rw-r--r-- | app/Controllers/feedController.php | 12 | ||||
| -rw-r--r-- | app/views/helpers/feed/update.phtml | 4 |
2 files changed, 14 insertions, 2 deletions
diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index a63109c31..0b8c63bbe 100644 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -379,6 +379,9 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { * - id (default: false) */ public function truncateAction(): void { + if (!Minz_Request::isPost()) { + Minz_Request::forward(['c' => 'subscription'], true); + } $id = Minz_Request::paramInt('id'); $url_redirect = [ 'c' => 'subscription', @@ -1059,6 +1062,9 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { * - id (default: false) */ public function deleteAction(): void { + if (!Minz_Request::isPost()) { + Minz_Request::forward(['c' => 'subscription'], true); + } $from = Minz_Request::paramString('from'); $id = Minz_Request::paramInt('id'); @@ -1096,6 +1102,9 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { * */ public function clearCacheAction(): void { + if (!Minz_Request::isPost()) { + Minz_Request::forward(['c' => 'subscription'], true); + } //Get Feed. $id = Minz_Request::paramInt('id'); @@ -1122,6 +1131,9 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { * @throws FreshRSS_BadUrl_Exception */ public function reloadAction(): void { + if (!Minz_Request::isPost()) { + Minz_Request::forward(['c' => 'subscription'], true); + } if (function_exists('set_time_limit')) { @set_time_limit(300); } diff --git a/app/views/helpers/feed/update.phtml b/app/views/helpers/feed/update.phtml index 7c38487f5..f6419e301 100644 --- a/app/views/helpers/feed/update.phtml +++ b/app/views/helpers/feed/update.phtml @@ -870,9 +870,9 @@ <h2><?= _t('sub.feed.maintenance.title') ?></h2> <div class="form-group"> <div class="group-controls"> - <a class="btn btn-important" href="<?= _url('feed', 'clearCache', 'id', $this->feed->id(), '#', 'slider') ?>"> + <button class="btn btn-important" form="post-csrf" formaction="<?= _url('feed', 'clearCache', 'id', $this->feed->id(), '#', 'slider') ?>"> <?= _t('sub.feed.maintenance.clear_cache') ?> - </a> + </button> <p class="help"><?= _i('help') ?> <?= _t('sub.feed.maintenance.clear_cache_help') ?></p> </div> <div class="group-controls"> |