https://reisub.nsupdate.info/git / friendica.git / .git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Normalize use of form security tokens in Admin modules
[friendica.git/.git] / src / Module / Admin / Blocklist / Contact.php
diff --git a/src/Module/Admin/Blocklist/Contact.php b/src/Module/Admin/Blocklist/Contact.php
index 8893623..5a7d138 100644 (file)
--- a/src/Module/Admin/Blocklist/Contact.php
+++ b/src/Module/Admin/Blocklist/Contact.php
@@ -34,12 +34,12 @@ class Contact extends BaseAdmin
        {
                parent::post($parameters);
 
+               self::checkFormSecurityTokenRedirectOnError('/admin/blocklist/contact', 'admin_contactblock');
+
                $contact_url  = $_POST['contact_url'] ?? '';
                $block_reason = $_POST['contact_block_reason'] ?? '';
                $contacts     = $_POST['contacts'] ?? [];
 
-               parent::checkFormSecurityTokenRedirectOnError('/admin/blocklist/contact', 'admin_contactblock');
-
                if (!empty($_POST['page_contactblock_block'])) {
                        $contact_id = Model\Contact::getIdForURL($contact_url);
                        if ($contact_id) {
@@ -89,7 +89,7 @@ class Contact extends BaseAdmin
                        '$h_newblock'  => DI::l10n()->t('Block New Remote Contact'),
                        '$th_contacts' => [DI::l10n()->t('Photo'), DI::l10n()->t('Name'), DI::l10n()->t('Reason')],
 
-                       '$form_security_token' => parent::getFormSecurityToken('admin_contactblock'),
+                       '$form_security_token' => self::getFormSecurityToken('admin_contactblock'),
 
                        // values //
                        '$baseurl'    => DI::baseUrl()->get(true),
mirror https://github.com/friendica/friendica.git