summaryrefslogtreecommitdiffstats
path: root/apps/tasks
diff options
context:
space:
mode:
authorThomas Tanghus <thomas@tanghus.net>2012-07-17 11:52:11 +0200
committerThomas Tanghus <thomas@tanghus.net>2012-07-17 11:52:11 +0200
commit8444fc5787331fb34919991f3cd9f55cf3fb4989 (patch)
tree406f16c713128c28393e36c1eb4b3d8df0aed61b /apps/tasks
parent06ff6c6d7daeb44da0de5de36eef7ea2b7a4137e (diff)
downloadnextcloud-server-8444fc5787331fb34919991f3cd9f55cf3fb4989.tar.gz
nextcloud-server-8444fc5787331fb34919991f3cd9f55cf3fb4989.zip
Added CSRF checks to Tasks. Expect some error messages - and report them ;)
Diffstat (limited to 'apps/tasks')
-rw-r--r--apps/tasks/ajax/addtask.php1
-rw-r--r--apps/tasks/ajax/delete.php1
-rw-r--r--apps/tasks/ajax/edittask.php1
-rw-r--r--apps/tasks/ajax/update_property.php1
4 files changed, 4 insertions, 0 deletions
diff --git a/apps/tasks/ajax/addtask.php b/apps/tasks/ajax/addtask.php
index 9f35e7f21ec..188e179236a 100644
--- a/apps/tasks/ajax/addtask.php
+++ b/apps/tasks/ajax/addtask.php
@@ -3,6 +3,7 @@
// Init owncloud
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('tasks');
+OCP\JSON::callCheck();
$calendars = OC_Calendar_Calendar::allCalendars(OCP\User::getUser(), true);
$first_calendar = reset($calendars);
diff --git a/apps/tasks/ajax/delete.php b/apps/tasks/ajax/delete.php
index e29add9b556..cc22c3e3873 100644
--- a/apps/tasks/ajax/delete.php
+++ b/apps/tasks/ajax/delete.php
@@ -23,6 +23,7 @@
// Init owncloud
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('tasks');
+OCP\JSON::callCheck();
$id = $_POST['id'];
$task = OC_Calendar_App::getEventObject( $id );
diff --git a/apps/tasks/ajax/edittask.php b/apps/tasks/ajax/edittask.php
index edcc8a7cdcd..77ecff13e66 100644
--- a/apps/tasks/ajax/edittask.php
+++ b/apps/tasks/ajax/edittask.php
@@ -3,6 +3,7 @@
// Init owncloud
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('tasks');
+OCP\JSON::callCheck();
$l10n = new OC_L10N('tasks');
diff --git a/apps/tasks/ajax/update_property.php b/apps/tasks/ajax/update_property.php
index 46521cf6c58..f47040a77d4 100644
--- a/apps/tasks/ajax/update_property.php
+++ b/apps/tasks/ajax/update_property.php
@@ -9,6 +9,7 @@
// Init owncloud
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('tasks');
+OCP\JSON::callCheck();
$id = $_POST['id'];
$property = $_POST['type'];
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-15 13:14:07 +0000