prevent from unconsious entering of two or three step

diff --git a/erp24/actions/timetable/StartShiftStepThreeAction.php b/erp24/actions/timetable/StartShiftStepThreeAction.php
index 133de72d5e27d1d47b853fc49271dd8adebc08ef..6c42d6a86bdc136851f9ea9436c928e9f5e3a143 100755 (executable)
--- a/erp24/actions/timetable/StartShiftStepThreeAction.php
+++ b/erp24/actions/timetable/StartShiftStepThreeAction.php
@@ -16,6 +16,9 @@ class StartShiftStepThreeAction extends Action
 
     public function run()
     {
+        if (!$this->controller->request->isPost) {
+            return $this->controller->redirect(['timetable/start-shift-step-one']);
+        }
         /** @var Admin $userModel */
          $userModel = Admin::find()->andWhere(['id' => $_SESSION['admin_id']])->one();
         if (!$userModel) {

diff --git a/erp24/actions/timetable/StartShiftStepTwoAction.php b/erp24/actions/timetable/StartShiftStepTwoAction.php
index 80246ad02b1471df170150658c0c8725d8c9e761..1eac2908e05067473837c0fd6548a988359ef532 100755 (executable)
--- a/erp24/actions/timetable/StartShiftStepTwoAction.php
+++ b/erp24/actions/timetable/StartShiftStepTwoAction.php
@@ -23,6 +23,9 @@ class StartShiftStepTwoAction extends Action
 
     public function run()
     {
+        if (!$this->controller->request->isPost) {
+            return $this->controller->redirect(['timetable/start-shift-step-one']);
+        }
         /** @var AdminDesktop | null $device */
         $device = isset($_COOKIE['device_key']) ? AdminDesktop::getByToken(htmlentities($_COOKIE["device_key"])) : '';
         if (!$device) {