summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFrank Karlitschek <frank@owncloud.org>2013-03-01 06:12:09 -0800
committerFrank Karlitschek <frank@owncloud.org>2013-03-01 06:12:09 -0800
commitf7cb53b103e6f1a9bd53055c384a4ca9c69a3948 (patch)
tree31a11203d1dcaeb614de736bb3459781f5e314e1
parent09dc15d2b190dbce3a2fe3b09e464ff534db0659 (diff)
parent93f15215c644ecd2a25c084227a4af719cef2a05 (diff)
downloadnextcloud-server-f7cb53b103e6f1a9bd53055c384a4ca9c69a3948.tar.gz
nextcloud-server-f7cb53b103e6f1a9bd53055c384a4ca9c69a3948.zip
Merge pull request #2008 from owncloud/1999-requesttoken
Check if requesttoken exists in session
-rwxr-xr-xlib/util.php10
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/util.php b/lib/util.php
index ad7950d5893..e7bdd9e0904 100755
--- a/lib/util.php
+++ b/lib/util.php
@@ -464,13 +464,17 @@ class OC_Util {
* @see OC_Util::callRegister()
*/
public static function isCallRegistered() {
+ if(!isset($_SESSION['requesttoken'])) {
+ return false;
+ }
+
if(isset($_GET['requesttoken'])) {
$token=$_GET['requesttoken'];
- }elseif(isset($_POST['requesttoken'])) {
+ } elseif(isset($_POST['requesttoken'])) {
$token=$_POST['requesttoken'];
- }elseif(isset($_SERVER['HTTP_REQUESTTOKEN'])) {
+ } elseif(isset($_SERVER['HTTP_REQUESTTOKEN'])) {
$token=$_SERVER['HTTP_REQUESTTOKEN'];
- }else{
+ } else {
//no token found.
return false;
}