diff --git a/pub/api/classes/API.php b/pub/api/classes/API.php index 703c2fd..b78b09a 100644 --- a/pub/api/classes/API.php +++ b/pub/api/classes/API.php @@ -477,19 +477,8 @@ class API # The HTTP_X_HTTP_METHOD_OVERRIDE header is allowed for API requests because # some web servers do not support PUT or DELETE methods by default. # This override is only applied when the request method is POST and the header is present. - $override = $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] ?? null; - if ($method === 'POST' && is_string($override)) { - $override = strtoupper($override); - - if (in_array($override, $allowedMethods, true)) { - $method = $override; - } - } - - # Since browser doesnt allow DELETE or PUTs from the frontend forms (apart from some javascript/ajax fuckery) - # we need to check the _method POST value. - if ($this->user_type === 'frontend' && $method === 'POST' && isset($_POST['_method'])) { - $override = strtoupper($_POST['_method']); + if ($method === 'POST' && isset($_POST['X-HTTP-Method-Override'])) { + $override = strtoupper($_POST['X-HTTP-Method-Override']); if (in_array($override, $allowedMethods, true)) { $method = $override; diff --git a/pub/api/v1/portal-management/permissions/index.php b/pub/api/v1/portal-management/permissions/index.php index e0a31e4..632ea22 100644 --- a/pub/api/v1/portal-management/permissions/index.php +++ b/pub/api/v1/portal-management/permissions/index.php @@ -25,7 +25,7 @@ if ($API_permissions->request_method === 'GET') { $API_permissions->validateData($requiredFields, $optionalFields); $permissions = $API_permissions->getPermission(); - $API_permissions->apiOutput($code = 200, ['success' => $permissions], 'permission_retrieved'); + $API_permissions->apiOutput($code = 200, $permissions, 'permission_retrieved'); } elseif ($API_permissions->request_method === 'POST') { diff --git a/pub/api/v1/portal-management/user-groups/index.php b/pub/api/v1/portal-management/user-groups/index.php index 907784a..20e631c 100644 --- a/pub/api/v1/portal-management/user-groups/index.php +++ b/pub/api/v1/portal-management/user-groups/index.php @@ -55,7 +55,7 @@ if ($API_usergroups->request_method === 'GET') { $API_usergroups->checkPermissions('admin-access-control-user-groups', 'RW'); - # when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection + # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection $API_usergroups->return_url = false; $requiredFields = ['user_group_uuid' => ['type' => 'uuid']]; diff --git a/pub/bin/pages/autop/pageDevices_edit.php b/pub/bin/pages/autop/pageDevices_edit.php index 2023aa5..b99015f 100644 --- a/pub/bin/pages/autop/pageDevices_edit.php +++ b/pub/bin/pages/autop/pageDevices_edit.php @@ -79,7 +79,7 @@ if ($device_found) { $formBuilder->startForm(); ?>