diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index b166feeb..e1b3866b 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php @@ -386,7 +386,7 @@ function shifts_json_export_controller() if ( !$request->has('key') - || !preg_match('/^[\da-f]{32}$/', $request->input('key')) + || !$request->input('key') || !$user ) { throw new HttpForbidden('{"error":"Missing or invalid key"}', ['content-type' => 'application/json']); diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php index e79b3d46..e21a13c4 100644 --- a/includes/pages/user_atom.php +++ b/includes/pages/user_atom.php @@ -15,7 +15,7 @@ function user_atom() if ( !$request->has('key') - || !preg_match('/^[\da-f]{32}$/', $request->input('key')) + || !$request->input('key') || empty($user) ) { throw new HttpForbidden('Missing or invalid key', ['content-type' => 'text/text']); @@ -50,7 +50,7 @@ function make_atom_entries_from_news($news_entries)