summaryrefslogtreecommitdiffstats
path: root/apps/files_external
diff options
context:
space:
mode:
authorLukas Reschke <lukas@statuscode.ch>2013-02-12 11:35:16 +0100
committerLukas Reschke <lukas@statuscode.ch>2013-02-12 11:35:16 +0100
commita9c77ebaf80288d210c8ad3ba28a6d2a4eaac1c8 (patch)
treea6459de3601fe5856d089f666fae67e454f1aa9a /apps/files_external
parent2507e0da1d61af5d9a9506a29aa6df4c31ac068e (diff)
downloadnextcloud-server-a9c77ebaf80288d210c8ad3ba28a6d2a4eaac1c8.tar.gz
nextcloud-server-a9c77ebaf80288d210c8ad3ba28a6d2a4eaac1c8.zip
Check requesttoken
Diffstat (limited to 'apps/files_external')
-rw-r--r--apps/files_external/ajax/addRootCertificate.php1
-rw-r--r--apps/files_external/ajax/dropbox.php2
-rw-r--r--apps/files_external/ajax/google.php2
3 files changed, 5 insertions, 0 deletions
diff --git a/apps/files_external/ajax/addRootCertificate.php b/apps/files_external/ajax/addRootCertificate.php
index 2f67e801b2c..ba8a14d2ea1 100644
--- a/apps/files_external/ajax/addRootCertificate.php
+++ b/apps/files_external/ajax/addRootCertificate.php
@@ -1,6 +1,7 @@
<?php
OCP\JSON::checkAppEnabled('files_external');
+OCP\JSON::callCheck();
if ( ! ($filename = $_FILES['rootcert_import']['name']) ) {
header("Location: settings/personal.php");
diff --git a/apps/files_external/ajax/dropbox.php b/apps/files_external/ajax/dropbox.php
index 58c41d69062..bc9821c62ec 100644
--- a/apps/files_external/ajax/dropbox.php
+++ b/apps/files_external/ajax/dropbox.php
@@ -4,6 +4,8 @@ require_once 'Dropbox/autoload.php';
OCP\JSON::checkAppEnabled('files_external');
OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
if (isset($_POST['app_key']) && isset($_POST['app_secret'])) {
$oauth = new Dropbox_OAuth_Curl($_POST['app_key'], $_POST['app_secret']);
if (isset($_POST['step'])) {
diff --git a/apps/files_external/ajax/google.php b/apps/files_external/ajax/google.php
index c76c7618e4d..70adcb2c2ad 100644
--- a/apps/files_external/ajax/google.php
+++ b/apps/files_external/ajax/google.php
@@ -4,6 +4,8 @@ require_once 'Google/common.inc.php';
OCP\JSON::checkAppEnabled('files_external');
OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
$consumer = new OAuthConsumer('anonymous', 'anonymous');
$sigMethod = new OAuthSignatureMethod_HMAC_SHA1();
if (isset($_POST['step'])) {