Merge pull request #13505 from owncloud/streamline-scanning-code

Streamline auth and CSRF check in scan.php
author: Thomas Müller <thomas.mueller@tmit.eu> 2015-02-19 16:35:05 +0100
committer: Thomas Müller <thomas.mueller@tmit.eu> 2015-02-19 16:35:05 +0100
commit: df58eea93fb969a60b6cf4e9fca0fd2173b406a0 (patch)
tree: 2764bcf03ceede3fe3411a9914487488dddd387e /apps/files/ajax
parent: 767dd4bde71b708b8ba54665bedb812e40f6e8a3 (diff)
parent: 3f5d4d82e41e020cc971920a5d90aebcbda7c379 (diff)
download: nextcloud-server-df58eea93fb969a60b6cf4e9fca0fd2173b406a0.tar.gz
nextcloud-server-df58eea93fb969a60b6cf4e9fca0fd2173b406a0.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/apps/files/ajax/scan.php b/apps/files/ajax/scan.php
index f8977c2971e..a85969503ca 100644
--- a/apps/files/ajax/scan.php
+++ b/apps/files/ajax/scan.php
@@ -1,11 +1,15 @@
 <?php
 set_time_limit(0); //scanning can take ages
+
+\OCP\JSON::checkLoggedIn();
+\OCP\JSON::callCheck();
+
 \OC::$server->getSession()->close();
 
 $force = (isset($_GET['force']) and ($_GET['force'] === 'true'));
 $dir = isset($_GET['dir']) ? $_GET['dir'] : '';
 if (isset($_GET['users'])) {
-	OC_JSON::checkAdminUser();
+	\OCP\JSON::checkAdminUser();
 	if ($_GET['users'] === 'all') {
 		$users = OC_User::getUsers();
 	} else {
author	Thomas Müller <thomas.mueller@tmit.eu>	2015-02-19 16:35:05 +0100
committer	Thomas Müller <thomas.mueller@tmit.eu>	2015-02-19 16:35:05 +0100
commit	df58eea93fb969a60b6cf4e9fca0fd2173b406a0 (patch)
tree	2764bcf03ceede3fe3411a9914487488dddd387e /apps/files/ajax
parent	767dd4bde71b708b8ba54665bedb812e40f6e8a3 (diff)
parent	3f5d4d82e41e020cc971920a5d90aebcbda7c379 (diff)
download	nextcloud-server-df58eea93fb969a60b6cf4e9fca0fd2173b406a0.tar.gz nextcloud-server-df58eea93fb969a60b6cf4e9fca0fd2173b406a0.zip