passesCSRFCheck added to OCP\IRequest

author: Bart Visscher <bartv@thisnet.nl> 2013-09-27 15:16:34 +0200
committer: Bart Visscher <bartv@thisnet.nl> 2013-10-04 18:13:04 +0200
commit: 21cbef0d2cc80228d2a473ccfb6ad5b071f314c7 (patch)
tree: 214ccd2c50590fc6c996280797be93e0b1aeae92 /lib/private/util.php
parent: 61a9098b7d88656d0297a18c1b7685c04d1c64dc (diff)
download: nextcloud-server-21cbef0d2cc80228d2a473ccfb6ad5b071f314c7.tar.gz
nextcloud-server-21cbef0d2cc80228d2a473ccfb6ad5b071f314c7.zip
1 files changed, 1 insertions, 23 deletions
diff --git a/lib/private/util.php b/lib/private/util.php
index 04a020ff006..c5b4d2ae93e 100755
--- a/lib/private/util.php
+++ b/lib/private/util.php
@@ -695,29 +695,7 @@ class OC_Util {
 	 * @see OC_Util::callRegister()
 	 */
 	public static function isCallRegistered() {
-		if(!\OC::$session->exists('requesttoken')) {
-			return false;
-		}
-
-		if(isset($_GET['requesttoken'])) {
-			$token = $_GET['requesttoken'];
-		} elseif(isset($_POST['requesttoken'])) {
-			$token = $_POST['requesttoken'];
-		} elseif(isset($_SERVER['HTTP_REQUESTTOKEN'])) {
-			$token = $_SERVER['HTTP_REQUESTTOKEN'];
-		} else {
-			//no token found.
-			return false;
-		}
-
-		// Check if the token is valid
-		if($token !== \OC::$session->get('requesttoken')) {
-			// Not valid
-			return false;
-		} else {
-			// Valid token
-			return true;
-		}
+		return \OC::$server->getRequest()->passesCSRFCheck();
 	}
 
 	/**
author	Bart Visscher <bartv@thisnet.nl>	2013-09-27 15:16:34 +0200
committer	Bart Visscher <bartv@thisnet.nl>	2013-10-04 18:13:04 +0200
commit	21cbef0d2cc80228d2a473ccfb6ad5b071f314c7 (patch)
tree	214ccd2c50590fc6c996280797be93e0b1aeae92 /lib/private/util.php
parent	61a9098b7d88656d0297a18c1b7685c04d1c64dc (diff)
download	nextcloud-server-21cbef0d2cc80228d2a473ccfb6ad5b071f314c7.tar.gz nextcloud-server-21cbef0d2cc80228d2a473ccfb6ad5b071f314c7.zip