Send the requesttoken as form value

This is needed for IE < 8 because it doesn't send the CSRF token here.
So that it is impossible to upload files.

Fixes #110 and related to #122
This commit is contained in:
Lukas Reschke 2012-10-30 17:19:49 +01:00
parent ac784baef6
commit ee1e4a7602

View file

@ -14,6 +14,8 @@
<div class="file_upload_wrapper svg"> <div class="file_upload_wrapper svg">
<form data-upload-id='1' id="data-upload-form" class="file_upload_form" action="<?php echo OCP\Util::linkTo('files', 'ajax/upload.php'); ?>" method="post" enctype="multipart/form-data" target="file_upload_target_1"> <form data-upload-id='1' id="data-upload-form" class="file_upload_form" action="<?php echo OCP\Util::linkTo('files', 'ajax/upload.php'); ?>" method="post" enctype="multipart/form-data" target="file_upload_target_1">
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_['uploadMaxFilesize'] ?>" id="max_upload"> <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_['uploadMaxFilesize'] ?>" id="max_upload">
<!-- Send the requesttoken, this is needed for IE < 8 because it doesn't send the CSRF token -->
<input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>" id="requesttoken">
<input type="hidden" class="max_human_file_size" value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)"> <input type="hidden" class="max_human_file_size" value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
<input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir"> <input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
<input class="file_upload_start" type="file" name='files[]'/> <input class="file_upload_start" type="file" name='files[]'/>