refactor(actions): centralize core page request/csrf guards
This commit is contained in:
@@ -2,17 +2,17 @@
|
||||
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$target = Request::safeReturnTarget(requestInput()->bodyAll()['return'] ?? '');
|
||||
$request = requestInput();
|
||||
$target = Request::safeReturnTarget($request->bodyAll()['return'] ?? '');
|
||||
|
||||
if (requestInput()->method() !== 'POST') {
|
||||
Router::redirect($target);
|
||||
if (!actionRequirePost($target)) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!Session::checkCsrfToken()) {
|
||||
Router::redirect($target);
|
||||
if (!actionRequireCsrf($target, flashOnFailure: false)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$flashId = isset($id) ? trim((string) $id) : '';
|
||||
|
||||
Reference in New Issue
Block a user