CSRF checks
This commit is contained in:
parent
b7c510a61a
commit
04a0755fd3
4 changed files with 5 additions and 0 deletions
|
@ -1,6 +1,8 @@
|
|||
<?php
|
||||
OCP\JSON::checkLoggedIn();
|
||||
OCP\JSON::checkAppEnabled('files_sharing');
|
||||
OCP\JSON::callCheck();
|
||||
|
||||
$user = OCP\USER::getUser();
|
||||
// TODO translations
|
||||
$type = (strpos($_POST['file'], '.') === false) ? 'folder' : 'file';
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
OCP\JSON::checkAppEnabled('files_sharing');
|
||||
OCP\JSON::checkLoggedIn();
|
||||
OCP\JSON::callCheck();
|
||||
|
||||
$source = '/'.OCP\USER::getUser().'/files'.$_POST['source'];
|
||||
$uid_shared_with = $_POST['uid_shared_with'];
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
OCP\JSON::checkAppEnabled('files_sharing');
|
||||
OCP\JSON::checkLoggedIn();
|
||||
OCP\JSON::callCheck();
|
||||
|
||||
$userDirectory = '/'.OCP\USER::getUser().'/files';
|
||||
$sources = explode(';', $_POST['sources']);
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
OCP\JSON::checkAppEnabled('files_sharing');
|
||||
OCP\JSON::checkLoggedIn();
|
||||
OCP\JSON::callCheck();
|
||||
|
||||
$source = '/'.OCP\USER::getUser().'/files'.$_POST['source'];
|
||||
$uid_shared_with = $_POST['uid_shared_with'];
|
||||
|
|
Loading…
Reference in a new issue