From 56b9040743609b6d2291df870c8899ad2094852b Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Sat, 7 Jul 2012 15:54:52 +0200
Subject: [PATCH] CSRF check

---
 ajax/addBookmark.php  | 2 ++
 ajax/delBookmark.php  | 2 ++
 ajax/editBookmark.php | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/ajax/addBookmark.php b/ajax/addBookmark.php
index 6b5a0f71..48371640 100644
--- a/ajax/addBookmark.php
+++ b/ajax/addBookmark.php
@@ -28,6 +28,8 @@ $RUNTIME_NOSETUPFS=true;
 
 // Check if we are a user
 OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
 OCP\JSON::checkAppEnabled('bookmarks');
 
 require_once(OC_App::getAppPath('bookmarks').'/bookmarksHelper.php');
diff --git a/ajax/delBookmark.php b/ajax/delBookmark.php
index 5a067701..f40f02eb 100644
--- a/ajax/delBookmark.php
+++ b/ajax/delBookmark.php
@@ -28,6 +28,8 @@ $RUNTIME_NOSETUPFS=true;
 
 // Check if we are a user
 OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
 OCP\JSON::checkAppEnabled('bookmarks');
 
 $id = $_POST['id'];
diff --git a/ajax/editBookmark.php b/ajax/editBookmark.php
index 439b680d..0b37d161 100644
--- a/ajax/editBookmark.php
+++ b/ajax/editBookmark.php
@@ -28,6 +28,8 @@ $RUNTIME_NOSETUPFS=true;
 
 // Check if we are a user
 OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
 OCP\JSON::checkAppEnabled('bookmarks');
 
 $CONFIG_DBTYPE = OCP\Config::getSystemValue( "dbtype", "sqlite" );