summaryrefslogtreecommitdiffstats
path: root/settings
diff options
context:
space:
mode:
Diffstat (limited to 'settings')
-rw-r--r--settings/ajax/changepassword.php9
-rw-r--r--settings/ajax/creategroup.php9
-rw-r--r--settings/ajax/createuser.php8
-rw-r--r--settings/personal.php1
-rw-r--r--settings/settings.php1
5 files changed, 9 insertions, 19 deletions
diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index b3ebbe6e456..5eab751b04e 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -3,14 +3,15 @@
// Init owncloud
require_once '../../lib/base.php';
+// Check if we are a user
+OCP\JSON::callCheck();
+OC_JSON::checkLoggedIn();
+OC_JSON::verifyUser();
+
$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
$password = $_POST["password"];
$oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:'';
-// Check if we are a user
-OC_JSON::checkLoggedIn();
-OCP\JSON::callCheck();
-
$userstatus = null;
if(OC_Group::inGroup(OC_User::getUser(), 'admin')) {
$userstatus = 'admin';
diff --git a/settings/ajax/creategroup.php b/settings/ajax/creategroup.php
index 83733ac4d2d..431b449a811 100644
--- a/settings/ajax/creategroup.php
+++ b/settings/ajax/creategroup.php
@@ -3,14 +3,7 @@
// Init owncloud
require_once '../../lib/base.php';
OCP\JSON::callCheck();
-
-// Check if we are a user
-if( !OC_User::isLoggedIn() || !OC_Group::inGroup( OC_User::getUser(), 'admin' )) {
- OC_JSON::error(array("data" => array( "message" => $l->t("Authentication error") )));
- exit();
-}
-
-OCP\JSON::callCheck();
+OC_JSON::checkAdminUser();
$groupname = $_POST["groupname"];
diff --git a/settings/ajax/createuser.php b/settings/ajax/createuser.php
index bdf7e4983ac..b3e5c23de54 100644
--- a/settings/ajax/createuser.php
+++ b/settings/ajax/createuser.php
@@ -3,13 +3,7 @@
// Init owncloud
require_once '../../lib/base.php';
OCP\JSON::callCheck();
-
-// Check if we are a user
-if( !OC_User::isLoggedIn() || (!OC_Group::inGroup( OC_User::getUser(), 'admin' ) && !OC_SubAdmin::isSubAdmin(OC_User::getUser()))) {
- OC_JSON::error(array("data" => array( "message" => "Authentication error" )));
- exit();
-}
-OCP\JSON::callCheck();
+OC_JSON::checkSubAdminUser();
$isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin')?true:false;
diff --git a/settings/personal.php b/settings/personal.php
index 2031edd8df8..3348b3290f4 100644
--- a/settings/personal.php
+++ b/settings/personal.php
@@ -7,6 +7,7 @@
require_once '../lib/base.php';
OC_Util::checkLoggedIn();
+OC_Util::verifyUser();
// Highlight navigation entry
OC_Util::addScript( 'settings', 'personal' );
diff --git a/settings/settings.php b/settings/settings.php
index 24099ef5742..68c07ff60f0 100644
--- a/settings/settings.php
+++ b/settings/settings.php
@@ -7,6 +7,7 @@
require_once '../lib/base.php';
OC_Util::checkLoggedIn();
+OC_Util::verifyUser();
OC_Util::addStyle( 'settings', 'settings' );
OC_App::setActiveNavigationEntry( 'settings' );
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 18:04:51 +0000