mirror of
https://github.com/alextselegidis/easyappointments.git
synced 2024-11-29 19:32:46 +03:00
Added POST constraint to backend_api controller.
This commit is contained in:
parent
4eb19df799
commit
fb1a0d6d25
1 changed files with 5 additions and 0 deletions
|
@ -9,6 +9,11 @@ class Backend_api extends CI_Controller {
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
parent::__construct();
|
parent::__construct();
|
||||||
|
|
||||||
|
// All the methods in this class must be accessible through a POST request.
|
||||||
|
if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST') {
|
||||||
|
$this->security->csrf_show_error();
|
||||||
|
}
|
||||||
|
|
||||||
$this->load->library('session');
|
$this->load->library('session');
|
||||||
$this->load->model('roles_model');
|
$this->load->model('roles_model');
|
||||||
$this->privileges = $this->roles_model->get_privileges($this->session->userdata('role_slug'));
|
$this->privileges = $this->roles_model->get_privileges($this->session->userdata('role_slug'));
|
||||||
|
|
Loading…
Reference in a new issue