diff options
author | Lukas Reschke <lukas@statuscode.ch> | 2013-02-12 15:22:06 +0400 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2013-02-12 15:22:06 +0400 |
commit | de9befdda0195f598aea8afba9bdde2cc2310c50 (patch) | |
tree | 8e9b869e172e3ff7a8c69fe89c956ceb483d027b | |
parent | 28dc89e94956f96e4346d9b4f6d33aed673a0a83 (diff) |
[user_migrate] Add requesttoken
-rw-r--r-- | apps/user_migrate/ajax/export.php | 1 | ||||
-rw-r--r-- | apps/user_migrate/js/export.js | 2 | ||||
-rw-r--r-- | apps/user_migrate/settings.php | 1 | ||||
-rw-r--r-- | apps/user_migrate/templates/settings.php | 1 |
4 files changed, 4 insertions, 1 deletions
diff --git a/apps/user_migrate/ajax/export.php b/apps/user_migrate/ajax/export.php index 07c35c73470..e339b489a8a 100644 --- a/apps/user_migrate/ajax/export.php +++ b/apps/user_migrate/ajax/export.php @@ -25,6 +25,7 @@ // Check if we are a user OCP\JSON::checkLoggedIn(); +OCP\JSON::callCheck(); OCP\App::checkAppEnabled('user_migrate'); // Which operation if( $_GET['operation']=='create' ){ diff --git a/apps/user_migrate/js/export.js b/apps/user_migrate/js/export.js index aef45c45a7b..4afc8b71153 100644 --- a/apps/user_migrate/js/export.js +++ b/apps/user_migrate/js/export.js @@ -9,7 +9,7 @@ $(document).ready(function(){ function(result){ if(result.status == 'success'){ // Download the file - window.location = OC.linkTo('user_migrate','ajax/export.php') + '?operation=download'; + window.location = OC.linkTo('user_migrate','ajax/export.php') + '?operation=download&requesttoken=' + requesttoken; $('.loading').hide(); $('#exportbtn').val(t('user_migrate', 'Export')); } else { diff --git a/apps/user_migrate/settings.php b/apps/user_migrate/settings.php index 4772c27a16d..f685b086463 100644 --- a/apps/user_migrate/settings.php +++ b/apps/user_migrate/settings.php @@ -27,6 +27,7 @@ OC_Util::checkLoggedIn(); OCP\App::checkAppEnabled('user_migrate'); if (isset($_POST['user_import'])) { + OCP\JSON::callCheck(); $root = OC::$SERVERROOT . "/"; $importname = "owncloud_import_" . date("y-m-d_H-i-s"); diff --git a/apps/user_migrate/templates/settings.php b/apps/user_migrate/templates/settings.php index 1718abe9e0f..351f9740bf3 100644 --- a/apps/user_migrate/templates/settings.php +++ b/apps/user_migrate/templates/settings.php @@ -14,6 +14,7 @@ </p> <p><input type="file" id="owncloud_import" name="owncloud_import" style="width:180px;"><label for="owncloud_import"> <?php echo $l->t('ownCloud User Zip');?></label> </p> + <input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>" id="requesttoken"> <input type="submit" name="user_import" value="<?php echo $l->t('Import'); ?>" /> </fieldset> </form> |