Add missing CSRF checks

2021-06-05 14:33:19 -07:00
parent 41102ec161
commit 71123b0f37
23 changed files with 58 additions and 17 deletions
--- a/app/Controller/TaskModificationController.php
+++ b/app/Controller/TaskModificationController.php
@@ -16,6 +16,7 @@ class TaskModificationController extends BaseController
 {
    public function assignToMe()
    {
+        $this->checkReusableGETCSRFParam();
        $task = $this->getTask();
        $values = ['id' => $task['id'], 'owner_id' => $this->userSession->getId()];

@@ -38,6 +39,7 @@ class TaskModificationController extends BaseController
     */
    public function start()
    {
+        $this->checkReusableGETCSRFParam();
        $task = $this->getTask();
        $values = ['id' => $task['id'], 'date_started' => time()];