OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
$bookid = $_POST['bookid'];
$book = OC_Contacts_App::getAddressbook($bookid);// is owner access check
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
$aid = isset($_POST['aid'])?$_POST['aid']:null;
if(!$aid) {
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('contacts');
+foreach($_SERVER as $key=>$value) {
+ OCP\Util::writeLog('contacts','ajax/saveproperty.php: _SERVER: '.$key.'=>'.print_r($value, true), OCP\Util::DEBUG);
+}
+foreach($_POST as $key=>$value) {
+ OCP\Util::writeLog('contacts','ajax/saveproperty.php: _POST: '.$key.'=>'.print_r($value, true), OCP\Util::DEBUG);
+}
+foreach($_GET as $key=>$value) {
+ OCP\Util::writeLog('contacts','ajax/saveproperty.php: _GET: '.$key.'=>'.print_r($value, true), OCP\Util::DEBUG);
+}
+OCP\JSON::callCheck();
function bailOut($msg) {
OCP\JSON::error(array('data' => array('message' => $msg)));
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
$userid = OCP\USER::getUser();
$name = trim(strip_tags($_POST['name']));
OCP\JSON::checkAppEnabled('contacts');
$tmpkey = $_GET['tmpkey'];
+$requesttoken = $_GET['requesttoken'];
$id = $_GET['id'];
$tmpl = new OCP\Template("contacts", "part.cropphoto");
$tmpl->assign('tmpkey', $tmpkey);
$tmpl->assign('id', $id);
+$tmpl->assign('requesttoken', $requesttoken);
$page = $tmpl->fetchPage();
OCP\JSON::success(array('data' => array( 'page' => $page )));
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
//$id = $_GET['id'];
$id = $_POST['id'];
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
+
+// foreach($_SERVER as $key=>$value) {
+// OCP\Util::writeLog('contacts','ajax/saveproperty.php: _SERVER: '.$key.'=>'.$value, OCP\Util::DEBUG);
+// }
+foreach($_POST as $key=>$value) {
+ OCP\Util::writeLog('contacts','ajax/saveproperty.php: _POST: '.$key.'=>'.print_r($value, true), OCP\Util::DEBUG);
+}
+foreach($_GET as $key=>$value) {
+ OCP\Util::writeLog('contacts','ajax/saveproperty.php: _GET: '.$key.'=>'.print_r($value, true), OCP\Util::DEBUG);
+}
$id = isset($_POST['id'])?$_POST['id']:null;
if(!$id) {
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
$id = $_POST['id'];
$checksum = $_POST['checksum'];
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
// Firefox and Konqueror tries to download application/json for me. --Arthur
OCP\JSON::setContentTypeHeader('text/plain');
*
*/
-// Check if we are a user
-OCP\JSON::checkLoggedIn();
-OCP\JSON::checkAppEnabled('contacts');
-
function bailOut($msg) {
OCP\JSON::error(array('data' => array('message' => $msg)));
OCP\Util::writeLog('contacts','ajax/saveproperty.php: '.$msg, OCP\Util::DEBUG);
OCP\Util::writeLog('contacts','ajax/saveproperty.php: '.$msg, OCP\Util::DEBUG);
}
+// Check if we are a user
+OCP\JSON::checkLoggedIn();
+OCP\JSON::checkAppEnabled('contacts');
+
+foreach($_SERVER as $key=>$value) {
+ debug('_SERVER: '.$key.'=>'.print_r($value, true));
+}
+foreach($_POST as $key=>$value) {
+ debug('_POST: '.$key.'=>'.print_r($value, true));
+}
+foreach($_GET as $key=>$value) {
+ debug('_GET: '.$key.'=>'.print_r($value, true));
+}
+OCP\JSON::callCheck();
+
$id = isset($_POST['id'])?$_POST['id']:null;
$name = isset($_POST['name'])?$_POST['name']:null;
$value = isset($_POST['value'])?$_POST['value']:null;
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
+
// Firefox and Konqueror tries to download application/json for me. --Arthur
OCP\JSON::setContentTypeHeader('text/plain');
function bailOut($msg) {
q = q + '&id=' + this.id + '&name=' + name;
if(checksum != undefined && checksum != '') { // save
q = q + '&checksum=' + checksum;
- //console.log('Saving: ' + q);
+ console.log('Saving: ' + q);
$(obj).attr('disabled', 'disabled');
$.post(OC.filePath('contacts', 'ajax', 'saveproperty.php'),q,function(jsondata){
if(jsondata.status == 'success'){
}
},'json');
} else { // add
- //console.log('Adding: ' + q);
+ console.log('Adding: ' + q);
$(obj).attr('disabled', 'disabled');
$.post(OC.filePath('contacts', 'ajax', 'addproperty.php'),q,function(jsondata){
if(jsondata.status == 'success'){
?>
<div id="card">
<form class="float" id="file_upload_form" action="<?php echo OCP\Util::linkTo('contacts', 'ajax/uploadphoto.php'); ?>" method="post" enctype="multipart/form-data" target="file_upload_target">
+ <input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>">
<input type="hidden" name="id" value="<?php echo $_['id'] ?>">
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_['uploadMaxFilesize'] ?>" id="max_upload">
<input type="hidden" class="max_human_file_size" value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
<div id="contact_identity" class="contactsection">
<form method="post">
<input type="hidden" name="id" value="<?php echo $_['id'] ?>">
+ <input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>">
<fieldset id="ident" class="contactpart">
<span class="propertycontainer" data-element="N"><input type="hidden" id="n" class="contacts_property" name="value" value="" /></span>
<span id="name" class="propertycontainer" data-element="FN">
<?php
$id = $_['id'];
$tmpkey = $_['tmpkey'];
+$csrf_token = $_GET['csrf_token'];
OCP\Util::writeLog('contacts','templates/part.cropphoto.php: tmpkey: '.$tmpkey, OCP\Util::DEBUG);
?>
<script language="Javascript">
action="<?php echo OCP\Util::linkToAbsolute('contacts', 'ajax/savecrop.php'); ?>">
<input type="hidden" id="id" name="id" value="<?php echo $id; ?>" />
+ <input type="hidden" name="requesttoken" value="<?php echo $csrf_token; ?>">
<input type="hidden" id="tmpkey" name="tmpkey" value="<?php echo $tmpkey; ?>" />
<fieldset id="coords">
<input type="hidden" id="x1" name="x1" value="" />