diff --git a/app/controllers/resources/admin.php b/app/controllers/resources/admin.php index 85538fa0855e3a9d2b731dba5776f915deb4a526..94319113c937b6d703e24c4145b7d6fff94d59a8 100644 --- a/app/controllers/resources/admin.php +++ b/app/controllers/resources/admin.php @@ -748,10 +748,6 @@ class Resources_AdminController extends AuthenticatedController _('Teilbare Räume verwalten') ); - if (Request::isPost()) { - CSRFProtection::verifyUnsafeRequest(); - } - $this->separable_room_name = ''; $db = DBManager::get(); @@ -767,6 +763,8 @@ class Resources_AdminController extends AuthenticatedController } if (Request::submitted('create_separable_room')) { + CSRFProtection::verifyUnsafeRequest(); + $selected_single_room_ids = Request::getArray('selected_single_rooms'); $this->separable_room_name = Request::get('separable_room_name'); @@ -854,6 +852,8 @@ class Resources_AdminController extends AuthenticatedController } if (Request::submitted('add_room_part')) { + CSRFProtection::verifyUnsafeRequest(); + $selected_single_room_ids = Request::getArray('selected_single_rooms'); $resources = Resource::findMany($selected_single_room_ids); 
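Review bot: With the action-level guard gone, CSRF protection in this action depends on every state-changing branch carrying its own `CSRFProtection::verifyUnsafeRequest();`, starting with the `create_separable_room` branch in the hunk at -767; the same call is repeated in the `add_room_part` branch and in the four delete branches in the hunk at -959. A branch added later, or one in the part of the action not shown between the hunks, would get no token check and nothing would flag it. It is worth confirming that no other `Request::submitted(...)` branch in this action writes data. I would add a comment above the first branch, for example `// No action-level CSRF check: every branch that modifies data must call CSRFProtection::verifyUnsafeRequest() itself.`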
@@ -959,23 +959,31 @@ class Resources_AdminController extends AuthenticatedController } if (Request::submitted('delete_separable_room')) { + CSRFProtection::verifyUnsafeRequest(); + $delete_separable_room_array = Request::getArray('delete_separable_room'); $separable_room_id = array_keys($delete_separable_room_array)[0]; $this->deleteSeparableRoomsById([$separable_room_id]); } if (Request::submitted('bulk_delete_separable_rooms')) { + CSRFProtection::verifyUnsafeRequest(); + $separable_room_ids = Request::getArray('selected_separable_rooms'); $this->deleteSeparableRoomsById($separable_room_ids); } if (Request::submitted('delete_room_part')) { + CSRFProtection::verifyUnsafeRequest(); + $delete_room_part_array = Request::getArray('delete_room_part'); $room_part_id = array_keys($delete_room_part_array)[0]; $this->deleteSeparableRoomPartsById([$room_part_id]); } if (Request::submitted('bulk_delete_room_parts')) { + CSRFProtection::verifyUnsafeRequest(); + $room_part_ids = Request::getArray('selected_room_parts'); $this->deleteSeparableRoomPartsById($room_part_ids); } diff --git a/app/controllers/resources/export.php b/app/controllers/resources/export.php index 82128ffb2067093b759bbeb280081b2f6994f6fb..561bdf90627d09a576f9d49cc6d1be13c44f1eb1 100644 --- a/app/controllers/resources/export.php +++ b/app/controllers/resources/export.php @@ -243,9 +243,7 @@ class Resources_ExportController extends AuthenticatedController public function bookings_action() { - if (Request::isPost()) { - CSRFProtection::verifyUnsafeRequest(); - } + CSRFProtection::verifyUnsafeRequest(); //Get the IDs of all selected clipboards and rooms: $this->selected_clipboard_ids = Request::getArray('selected_clipboards');
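Review bot: In the `delete_separable_room` and `delete_room_part` branches the id is still taken with `array_keys(...)[0]` directly after the new token check, and that index does not exist when the submitted value yields an empty array. The branch is entered on `Request::submitted(...)` alone, so a parameter that is present but not an array would presumably reach `deleteSeparableRoomsById([null])`; what the helper does with a null id is outside the hunk. I would read the key with `$separable_room_id = array_key_first($delete_separable_room_array);` and only call the delete helper inside `if ($separable_room_id !== null) { ... }`, and do the same for `$room_part_id`.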
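Review bot: The now unconditional `CSRFProtection::verifyUnsafeRequest();` at the top of `bookings_action()` is undocumented, although it changes how the export can be reached. The helper's implementation is not visible here, but its name and the removed `Request::isPost()` wrapper suggest that non-POST requests are now rejected rather than let through unchecked. Any link, redirect or bookmark that opens this export with GET should be checked. I would add a comment above the call such as `// Export must be requested via POST with a valid security token; GET requests are rejected.` The body of `bookings_action()` continues outside the hunk.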