Contacts: implemented CSRF prevention.

author: Thomas Tanghus <thomas@tanghus.net> 2012-06-13 17:35:42 +0200
committer: Thomas Tanghus <thomas@tanghus.net> 2012-06-13 17:35:42 +0200
commit: bc1e8cb0a2ef634949ae520c6aedab435eaf5b80 (patch)
tree: ae72b2dc4296127d9f332aa6f6929ea74f9c0820 /apps/contacts/ajax/addcontact.php
parent: 89464721c7aa4464419cbcbedc658843f6c4696d (diff)
download: nextcloud-server-bc1e8cb0a2ef634949ae520c6aedab435eaf5b80.tar.gz
nextcloud-server-bc1e8cb0a2ef634949ae520c6aedab435eaf5b80.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/apps/contacts/ajax/addcontact.php b/apps/contacts/ajax/addcontact.php
index af9b2bbcc0e..e45072c9542 100644
--- a/apps/contacts/ajax/addcontact.php
+++ b/apps/contacts/ajax/addcontact.php
@@ -23,6 +23,7 @@
 // Check if we are a user
 OCP\JSON::checkLoggedIn();
 OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
 
 $aid = isset($_POST['aid'])?$_POST['aid']:null;
 if(!$aid) {
author	Thomas Tanghus <thomas@tanghus.net>	2012-06-13 17:35:42 +0200
committer	Thomas Tanghus <thomas@tanghus.net>	2012-06-13 17:35:42 +0200
commit	bc1e8cb0a2ef634949ae520c6aedab435eaf5b80 (patch)
tree	ae72b2dc4296127d9f332aa6f6929ea74f9c0820 /apps/contacts/ajax/addcontact.php
parent	89464721c7aa4464419cbcbedc658843f6c4696d (diff)
download	nextcloud-server-bc1e8cb0a2ef634949ae520c6aedab435eaf5b80.tar.gz nextcloud-server-bc1e8cb0a2ef634949ae520c6aedab435eaf5b80.zip