diff options
author | Frank Karlitschek <frank@owncloud.org> | 2013-03-01 06:12:09 -0800 |
---|---|---|
committer | Frank Karlitschek <frank@owncloud.org> | 2013-03-01 06:12:09 -0800 |
commit | f7cb53b103e6f1a9bd53055c384a4ca9c69a3948 (patch) | |
tree | 31a11203d1dcaeb614de736bb3459781f5e314e1 | |
parent | 09dc15d2b190dbce3a2fe3b09e464ff534db0659 (diff) | |
parent | 93f15215c644ecd2a25c084227a4af719cef2a05 (diff) | |
download | nextcloud-server-f7cb53b103e6f1a9bd53055c384a4ca9c69a3948.tar.gz nextcloud-server-f7cb53b103e6f1a9bd53055c384a4ca9c69a3948.zip |
Merge pull request #2008 from owncloud/1999-requesttoken
Check if requesttoken exists in session
-rwxr-xr-x | lib/util.php | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/util.php b/lib/util.php index ad7950d5893..e7bdd9e0904 100755 --- a/lib/util.php +++ b/lib/util.php @@ -464,13 +464,17 @@ class OC_Util { * @see OC_Util::callRegister() */ public static function isCallRegistered() { + if(!isset($_SESSION['requesttoken'])) { + return false; + } + if(isset($_GET['requesttoken'])) { $token=$_GET['requesttoken']; - }elseif(isset($_POST['requesttoken'])) { + } elseif(isset($_POST['requesttoken'])) { $token=$_POST['requesttoken']; - }elseif(isset($_SERVER['HTTP_REQUESTTOKEN'])) { + } elseif(isset($_SERVER['HTTP_REQUESTTOKEN'])) { $token=$_SERVER['HTTP_REQUESTTOKEN']; - }else{ + } else { //no token found. return false; } |