Added missing CSRF checks.

author: Thomas Tanghus <thomas@tanghus.net> 2012-07-17 12:04:34 +0200
committer: Thomas Tanghus <thomas@tanghus.net> 2012-07-17 12:04:34 +0200
commit: 2c9aa029a73957e61ed5e520dc54eaa5c75db472 (patch)
tree: 5e4d0784e5ab22345fadb1fe982759f47d47b01d /apps
parent: 748fcabba48fe0f60951be22a531f3bf88fdabff (diff)
download: nextcloud-server-2c9aa029a73957e61ed5e520dc54eaa5c75db472.tar.gz
nextcloud-server-2c9aa029a73957e61ed5e520dc54eaa5c75db472.zip
2 files changed, 2 insertions, 0 deletions
diff --git a/apps/contacts/ajax/categories/delete.php b/apps/contacts/ajax/categories/delete.php
index 7c3261446bb..68a308e3221 100644
--- a/apps/contacts/ajax/categories/delete.php
+++ b/apps/contacts/ajax/categories/delete.php
@@ -9,6 +9,7 @@
  
 OCP\JSON::checkLoggedIn();
 OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
 
 require_once('../loghandler.php');
 
diff --git a/apps/contacts/ajax/categories/rescan.php b/apps/contacts/ajax/categories/rescan.php
index fd875a965dc..a06e7803955 100644
--- a/apps/contacts/ajax/categories/rescan.php
+++ b/apps/contacts/ajax/categories/rescan.php
@@ -9,6 +9,7 @@
  
 OCP\JSON::checkLoggedIn();
 OCP\JSON::checkAppEnabled('contacts');
+OCP\JSON::callCheck();
 
 OC_Contacts_App::scanCategories();
 $categories = OC_Contacts_App::getCategories();
author	Thomas Tanghus <thomas@tanghus.net>	2012-07-17 12:04:34 +0200
committer	Thomas Tanghus <thomas@tanghus.net>	2012-07-17 12:04:34 +0200
commit	2c9aa029a73957e61ed5e520dc54eaa5c75db472 (patch)
tree	5e4d0784e5ab22345fadb1fe982759f47d47b01d /apps
parent	748fcabba48fe0f60951be22a531f3bf88fdabff (diff)
download	nextcloud-server-2c9aa029a73957e61ed5e520dc54eaa5c75db472.tar.gz nextcloud-server-2c9aa029a73957e61ed5e520dc54eaa5c75db472.zip