Add CSRF token

author: Lukas Reschke <lukas@statuscode.ch> 2012-11-01 23:52:04 +0100
committer: Lukas Reschke <lukas@statuscode.ch> 2012-11-02 00:09:28 +0100
commit: 0f02b7dea65ee13b6b29dc16a0de5a4ab5c9b01d (patch)
tree: 5efd3f4fbd217c487f19b41fdf7578b384b930c3 /apps/files/admin.php
parent: 627509875ecd3e148f82a1cbc8b7e48b9c94f2b1 (diff)
download: nextcloud-server-0f02b7dea65ee13b6b29dc16a0de5a4ab5c9b01d.tar.gz
nextcloud-server-0f02b7dea65ee13b6b29dc16a0de5a4ab5c9b01d.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/files/admin.php b/apps/files/admin.php
index e8b3cb0aca0..c183a4ba4b4 100644
--- a/apps/files/admin.php
+++ b/apps/files/admin.php
@@ -35,7 +35,7 @@ $post_max_size = OCP\Util::computerFileSize(ini_get('post_max_size'));
 $post_max_size_possible = OCP\Util::computerFileSize(get_cfg_var('post_max_size'));
 $maxUploadFilesize = OCP\Util::humanFileSize(min($upload_max_filesize, $post_max_size));
 $maxUploadFilesizePossible = OCP\Util::humanFileSize(min($upload_max_filesize_possible, $post_max_size_possible));
-if($_POST) {
+if($_POST && OC_Util::isCallRegistered) {
 	if(isset($_POST['maxUploadSize'])) {
 		if(($setMaxSize = OC_Files::setUploadLimit(OCP\Util::computerFileSize($_POST['maxUploadSize']))) !== false) {
 			$maxUploadFilesize = OCP\Util::humanFileSize($setMaxSize);
author	Lukas Reschke <lukas@statuscode.ch>	2012-11-01 23:52:04 +0100
committer	Lukas Reschke <lukas@statuscode.ch>	2012-11-02 00:09:28 +0100
commit	0f02b7dea65ee13b6b29dc16a0de5a4ab5c9b01d (patch)
tree	5efd3f4fbd217c487f19b41fdf7578b384b930c3 /apps/files/admin.php
parent	627509875ecd3e148f82a1cbc8b7e48b9c94f2b1 (diff)
download	nextcloud-server-0f02b7dea65ee13b6b29dc16a0de5a4ab5c9b01d.tar.gz nextcloud-server-0f02b7dea65ee13b6b29dc16a0de5a4ab5c9b01d.zip