From 1472a72be2724195816f8965f5f5e84fdd86c0f1 Mon Sep 17 00:00:00 2001
From: Alexander Smirnov <fredeom@mail.ru>
Date: Thu, 24 Apr 2025 14:01:46 +0300
Subject: [PATCH] prevent from unconsious entering of two or three step

---
 erp24/actions/timetable/StartShiftStepThreeAction.php | 3 +++
 erp24/actions/timetable/StartShiftStepTwoAction.php   | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/erp24/actions/timetable/StartShiftStepThreeAction.php b/erp24/actions/timetable/StartShiftStepThreeAction.php
index 133de72d..6c42d6a8 100755
--- a/erp24/actions/timetable/StartShiftStepThreeAction.php
+++ b/erp24/actions/timetable/StartShiftStepThreeAction.php
@@ -16,6 +16,9 @@ class StartShiftStepThreeAction extends Action
 
     public function run()
     {
+        if (!$this->controller->request->isPost) {
+            return $this->controller->redirect(['timetable/start-shift-step-one']);
+        }
         /** @var Admin $userModel */
          $userModel = Admin::find()->andWhere(['id' => $_SESSION['admin_id']])->one();
         if (!$userModel) {
diff --git a/erp24/actions/timetable/StartShiftStepTwoAction.php b/erp24/actions/timetable/StartShiftStepTwoAction.php
index 80246ad0..1eac2908 100755
--- a/erp24/actions/timetable/StartShiftStepTwoAction.php
+++ b/erp24/actions/timetable/StartShiftStepTwoAction.php
@@ -23,6 +23,9 @@ class StartShiftStepTwoAction extends Action
 
     public function run()
     {
+        if (!$this->controller->request->isPost) {
+            return $this->controller->redirect(['timetable/start-shift-step-one']);
+        }
         /** @var AdminDesktop | null $device */
         $device = isset($_COOKIE['device_key']) ? AdminDesktop::getByToken(htmlentities($_COOKIE["device_key"])) : '';
         if (!$device) {
-- 
2.39.5