maket/MaketRandevu
1
1
Fork 0
Code Issues 15 Pull requests Projects Releases 4 Packages Wiki Activity

Block the public booking operations if the booking page is disabled

Browse source
This commit is contained in:
Alex Tselegidis 2023-12-22 12:48:06 +01:00
parent 2878d1299a
commit aeadbfbe98
2 changed files with 24 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
application/controllers/Booking.php
View file

@ -290,6 +290,12 @@ class Booking extends EA_Controller
public function register() public function register()
{ {
try { try {
$disable_booking = setting('disable_booking');
if ($disable_booking) {
abort(403);
}
$post_data = request('post_data'); $post_data = request('post_data');
$captcha = request('captcha'); $captcha = request('captcha');
$appointment = $post_data['appointment']; $appointment = $post_data['appointment'];
@ -574,6 +580,12 @@ class Booking extends EA_Controller
public function get_available_hours() public function get_available_hours()
{ {
try { try {
$disable_booking = setting('disable_booking');
if ($disable_booking) {
abort(403);
}
$provider_id = request('provider_id'); $provider_id = request('provider_id');
$service_id = request('service_id'); $service_id = request('service_id');
$selected_date = request('selected_date'); $selected_date = request('selected_date');
@ -650,6 +662,12 @@ class Booking extends EA_Controller
public function get_unavailable_dates() public function get_unavailable_dates()
{ {
try { try {
$disable_booking = setting('disable_booking');
if ($disable_booking) {
abort(403);
}
$provider_id = request('provider_id'); $provider_id = request('provider_id');
$service_id = request('service_id'); $service_id = request('service_id');
$appointment_id = request('appointment_id'); $appointment_id = request('appointment_id');

6
application/controllers/Booking_cancellation.php
View file

@ -49,6 +49,12 @@ class Booking_cancellation extends EA_Controller
public function of(string $appointment_hash) public function of(string $appointment_hash)
{ {
try { try {
$disable_booking = setting('disable_booking');
if ($disable_booking) {
abort(403);
}
$cancellation_reason = request('cancellation_reason'); $cancellation_reason = request('cancellation_reason');
if ($this->input->method() !== 'post' || empty($cancellation_reason)) { if ($this->input->method() !== 'post' || empty($cancellation_reason)) {