rooty/OwncloudBookmarksOfficial
1
0
Fork 0
mirror of https://github.com/owncloud/bookmarks.git synced 2025-02-20 17:54:25 +01:00
Code Issues Releases Activity

Added CSRF checks

Browse Source
This commit is contained in:
Lukas Reschke 2012-07-20 20:12:36 +02:00
parent 150943aa00
commit e504d6bfc4
3 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ajax/addBookmark.php
View File

@ -29,6 +29,7 @@ $RUNTIME_NOSETUPFS=true;
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('bookmarks');
OCP\JSON::callCheck();
require_once(OC::$APPSROOT . '/apps/bookmarks/bookmarksHelper.php');
$id = addBookmark($_POST['url'], $_POST['title'], $_POST['tags']);

1
ajax/delBookmark.php
View File

@ -29,6 +29,7 @@ $RUNTIME_NOSETUPFS=true;
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('bookmarks');
OCP\JSON::callCheck();
$id = $_POST['id'];
if (!OC_Bookmarks_Bookmarks::deleteUrl($id)){

1
ajax/editBookmark.php
View File

@ -29,6 +29,7 @@ $RUNTIME_NOSETUPFS=true;
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('bookmarks');
OCP\JSON::callCheck();
$CONFIG_DBTYPE = OCP\Config::getSystemValue( "dbtype", "sqlite" );
if( $CONFIG_DBTYPE == 'sqlite' or $CONFIG_DBTYPE == 'sqlite3' ){