post_only for ws admin write methods without token (avoid XSRF)
git-svn-id: http://piwigo.org/svn/trunk@25382 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
rvelices
parent
401c088364
commit
6caa1e5825
1 changed files with 2 additions and 2 deletions
4
ws.php
4
ws.php
|
|
@ -787,7 +787,7 @@ function ws_addDefaultMethods( $arr )
|
|||
),
|
||||
'<b>Admin only.</b> Adds one or more users to a group.',
|
||||
$ws_functions_root . 'pwg.groups.php',
|
||||
array('admin_only'=>true)
|
||||
array('admin_only'=>true, 'post_only'=>true)
|
||||
);
|
||||
|
||||
$service->addMethod(
|
||||
|
|
@ -930,7 +930,7 @@ function ws_addDefaultMethods( $arr )
|
|||
),
|
||||
'<b>Admin only.</b> Adds permissions to an album.',
|
||||
$ws_functions_root . 'pwg.permissions.php',
|
||||
array('admin_only'=>true)
|
||||
array('admin_only'=>true, 'post_only'=>true)
|
||||
);
|
||||
|
||||
$service->addMethod(
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue