Merge branch '7470-disalow-get-for-valuestore-update' into 'master'

valuestore: disallow GET for action=update

See merge request !70

public_html/valuestore/index.php

@@ -87,6 +87,12 @@ function getParam(string $sKey, string $sRegex4Cleanup = ''): bool|int|string
  */
 function disallowGet(string $sVar, string $sValue): void
 {
+    if (isset($_POST[$sVar]) && $_POST[$sVar] == $sValue) {
+        // the value was found in the POST scope
+        // then we don't need to check the GET scope
+        return;
+    } 
+
     if (isset($_GET[$sVar]) && $_GET[$sVar] == $sValue) {
         quit("ERROR: $sVar = $sValue is not allowed with GET.");
     }
@@ -108,9 +114,7 @@ if (
 }
 disallowGet('action', 'cleanup');
 disallowGet('action', 'delete');
-
-// used by Anasible to update the value ... I disable it for now to fix it in the near future
-// disallowGet('action', 'update');
+disallowGet('action', 'update');
 
 $sProject = getParam('project', '/[^a-z\-\_0-9]/');
 $sPackage = getParam('package', '/[^a-z\-\_0-9]/');