From: Lukas Reschke <lukas@owncloud.com>
Date: Tue, 20 Jan 2015 11:24:13 +0000 (+0100)
Subject: Streamline CSRF and login check
X-Git-Tag: v8.1.0alpha1~561^2
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=e25a0303f4eeda88fd7d8b76ee3d41a6081dfb74;p=nextcloud-server.git

Streamline CSRF and login check

Let's make this consistent with other pieces of the code to make it easier to auditable.
---

diff --git a/apps/files/ajax/newfile.php b/apps/files/ajax/newfile.php
index 0eb144aca56..159a8b5d7a3 100644
--- a/apps/files/ajax/newfile.php
+++ b/apps/files/ajax/newfile.php
@@ -3,9 +3,8 @@
 // Init owncloud
 global $eventSource;
 
-if(!OC_User::isLoggedIn()) {
-	exit;
-}
+\OCP\JSON::checkLoggedIn();
+\OCP\JSON::callCheck();
 
 \OC::$server->getSession()->close();
 
@@ -17,8 +16,6 @@ $source = isset( $_REQUEST['source'] ) ? trim($_REQUEST['source'], '/\\') : '';
 
 if($source) {
 	$eventSource = \OC::$server->createEventSource();
-} else {
-	OC_JSON::callCheck();
 }
 
 function progress($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) {
@@ -138,7 +135,7 @@ if($source) {
 				}
 			}
 		}
-		$result=\OC\Files\Filesystem::file_put_contents($target, $sourceStream);
+		$result = \OC\Files\Filesystem::file_put_contents($target, $sourceStream);
 	}
 	if($result) {
 		$meta = \OC\Files\Filesystem::getFileInfo($target);