method() !== 'POST') { http_response_code(405); Router::json(['ok' => false, 'error' => 'method_not_allowed']); return; } if (!Session::checkCsrfToken()) { http_response_code(403); Router::json(['ok' => false, 'error' => 'csrf']); return; } $session = app(SessionStoreInterface::class)->all(); $userId = (int) ($session['user']['id'] ?? 0); $name = trim((string) requestInput()->body('name')); $url = trim((string) requestInput()->body('url')); $groupId = requestInput()->body('group_id'); $groupId = ($groupId !== null && $groupId !== '') ? (int) $groupId : null; $service = app(BookmarkService::class); $result = $service->saveBookmark($userId, $name, $url, $groupId); if ($result['ok']) { app(SessionStoreInterface::class)->set('user_bookmarks', $service->listGroupedForUser($userId)); } Router::json($result);