diff --git a/apps/contacts/ajax/addcard.php b/apps/contacts/ajax/addcard.php index f15a1685840c541cbbc110b4e5ab8b3071228542..fbf5b57ae7cf6d20414ce1070f356653f7a0c1b3 100644 --- a/apps/contacts/ajax/addcard.php +++ b/apps/contacts/ajax/addcard.php @@ -34,7 +34,7 @@ OC_JSON::checkAppEnabled('contacts'); $l=new OC_L10N('contacts'); $aid = $_POST['id']; -$addressbook = OC_Contacts_App::getAddressbook( $aid ); +OC_Contacts_App::getAddressbook( $aid ); // is owner access check $fn = trim($_POST['fn']); $values = $_POST['value']; diff --git a/apps/contacts/ajax/addcontact.php b/apps/contacts/ajax/addcontact.php index c39d75eff884c72e55ca036c89fc5b7d41c4fcef..9b4e68ac272b583aa37b4d53454329acf6d9afba 100644 --- a/apps/contacts/ajax/addcontact.php +++ b/apps/contacts/ajax/addcontact.php @@ -40,7 +40,7 @@ OC_JSON::checkAppEnabled('contacts'); $l=new OC_L10N('contacts'); $aid = $_POST['aid']; -$addressbook = OC_Contacts_App::getAddressbook( $aid ); +OC_Contacts_App::getAddressbook( $aid ); // is owner access check $fn = trim($_POST['fn']); $n = trim($_POST['n']); diff --git a/apps/contacts/ajax/deletebook.php b/apps/contacts/ajax/deletebook.php index a89c00575e9fc8f15119b76080b9522bc6b2e867..d782c9dfb8d0bfc1a8698623d8d7f2c6625bfbfe 100644 --- a/apps/contacts/ajax/deletebook.php +++ b/apps/contacts/ajax/deletebook.php @@ -30,7 +30,7 @@ OC_JSON::checkAppEnabled('contacts'); //$id = $_GET['id']; $id = $_POST['id']; -$addressbook = OC_Contacts_App::getAddressbook( $id ); +OC_Contacts_App::getAddressbook( $id ); // is owner access check OC_Contacts_Addressbook::delete($id); OC_JSON::success(array('data' => array( 'id' => $id ))); diff --git a/apps/contacts/ajax/updateaddressbook.php b/apps/contacts/ajax/updateaddressbook.php index 7d9e2aea917bc98d693fad7c4b33bec64cd2111b..d6c1ad179bb55a68002fd19f3cf1eb4954becf74 100644 --- a/apps/contacts/ajax/updateaddressbook.php +++ b/apps/contacts/ajax/updateaddressbook.php @@ -15,6 +15,7 @@ OC_JSON::checkLoggedIn(); OC_JSON::checkAppEnabled('contacts'); $bookid = $_POST['id']; +OC_Contacts_App::getAddressbook($bookid); // is owner access check if(!OC_Contacts_Addressbook::edit($bookid, $_POST['name'], null)) { OC_JSON::error(array('data' => array('message' => $l->t('Error updating addressbook.')))); diff --git a/apps/contacts/export.php b/apps/contacts/export.php index fc2aa86500fbd7c310b1227506eda25368063006..750d77bcac832d30b6cc65d8d0445959567d9b16 100644 --- a/apps/contacts/export.php +++ b/apps/contacts/export.php @@ -14,10 +14,6 @@ $contact = isset($_GET['contactid']) ? $_GET['contactid'] : NULL; $nl = "\n"; if(isset($book)){ $addressbook = OC_Contacts_App::getAddressbook($book); - if($addressbook['userid'] != OC_User::getUser()){ - OC_JSON::error(); - exit; - } $cardobjects = OC_Contacts_VCard::all($book); header('Content-Type: text/directory'); header('Content-Disposition: inline; filename=' . str_replace(' ', '_', $addressbook['displayname']) . '.vcf'); @@ -27,12 +23,6 @@ if(isset($book)){ } }elseif(isset($contact)){ $data = OC_Contacts_App::getContactObject($contact); - $addressbookid = $data['addressbookid']; - $addressbook = OC_Contacts_App::getAddressbook($addressbookid); - if($addressbook['userid'] != OC_User::getUser()){ - OC_JSON::error(); - exit; - } header('Content-Type: text/directory'); header('Content-Disposition: inline; filename=' . str_replace(' ', '_', $data['fullname']) . '.vcf'); echo $data['carddata'];