CSRF checks

This commit is contained in:
Lukas Reschke 2012-07-07 16:03:21 +02:00
parent b7c510a61a
commit 04a0755fd3
4 changed files with 5 additions and 0 deletions

View file

@ -1,6 +1,8 @@
<?php
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('files_sharing');
OCP\JSON::callCheck();
$user = OCP\USER::getUser();
// TODO translations
$type = (strpos($_POST['file'], '.') === false) ? 'folder' : 'file';

View file

@ -2,6 +2,7 @@
OCP\JSON::checkAppEnabled('files_sharing');
OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
$source = '/'.OCP\USER::getUser().'/files'.$_POST['source'];
$uid_shared_with = $_POST['uid_shared_with'];

View file

@ -2,6 +2,7 @@
OCP\JSON::checkAppEnabled('files_sharing');
OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
$userDirectory = '/'.OCP\USER::getUser().'/files';
$sources = explode(';', $_POST['sources']);

View file

@ -2,6 +2,7 @@
OCP\JSON::checkAppEnabled('files_sharing');
OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
$source = '/'.OCP\USER::getUser().'/files'.$_POST['source'];
$uid_shared_with = $_POST['uid_shared_with'];