aboutsummaryrefslogtreecommitdiff
path: root/app/Controllers/configureController.php
diff options
context:
space:
mode:
Diffstat (limited to 'app/Controllers/configureController.php')
-rw-r--r--app/Controllers/configureController.php8
1 files changed, 8 insertions, 0 deletions
diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php
index 993982184..50edbbff7 100644
--- a/app/Controllers/configureController.php
+++ b/app/Controllers/configureController.php
@@ -443,6 +443,10 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
* Handles query deletion
*/
public function deleteQueryAction(): void {
+ if (!Minz_Request::isPost()) {
+ Minz_Error::error(403);
+ return;
+ }
$id = Minz_Request::paramInt('id');
if (Minz_Request::paramTernary('id') === null || empty(FreshRSS_Context::userConf()->queries[$id])) {
Minz_Error::error(404);
@@ -465,6 +469,10 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController {
* lean data.
*/
public function bookmarkQueryAction(): void {
+ if (!Minz_Request::isPost()) {
+ Minz_Error::error(403);
+ return;
+ }
$queries = [];
foreach (FreshRSS_Context::userConf()->queries as $key => $query) {
$queries[$key] = (new FreshRSS_UserQuery($query, FreshRSS_Context::categories(), FreshRSS_Context::labels()))->toArray();
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-10 13:22:04 +0000