diff --git a/application/controllers/Booking_cancellation.php b/application/controllers/Booking_cancellation.php
index 28cc7306..6c113cc7 100755
--- a/application/controllers/Booking_cancellation.php
+++ b/application/controllers/Booking_cancellation.php
@@ -48,6 +48,13 @@ class Booking_cancellation extends EA_Controller {
{
try
{
+ $cancellation_reason = request('cancellation_reason');
+
+ if ($this->input->method() !== 'post' || empty($cancellation_reason))
+ {
+ abort(403, 'Forbidden');
+ }
+
$exceptions = [];
$occurrences = $this->appointments_model->get(['hash' => $appointment_hash]);
diff --git a/application/libraries/Notifications.php b/application/libraries/Notifications.php
index 3ebee28a..ca761c1d 100644
--- a/application/libraries/Notifications.php
+++ b/application/libraries/Notifications.php
@@ -209,7 +209,7 @@ class Notifications {
if (empty($delete_reason))
{
- $delete_reason = (string)request('cancel_reason');
+ $delete_reason = (string)request('cancellation_reason');
}
// Notify provider.
diff --git a/application/views/components/booking_cancellation_frame.php b/application/views/components/booking_cancellation_frame.php
index 3ba831ac..169ee81b 100644
--- a/application/views/components/booking_cancellation_frame.php
+++ b/application/views/components/booking_cancellation_frame.php
@@ -18,7 +18,7 @@
-
+