From 748fcabba48fe0f60951be22a531f3bf88fdabff Mon Sep 17 00:00:00 2001
From: Thomas Tanghus <thomas@tanghus.net>
Date: Tue, 17 Jul 2012 11:57:38 +0200
Subject: [PATCH] Added CSRF checks to files_versions. Expect some error
 messages - and report them ;)

---
 apps/files_versions/ajax/expireAll.php       | 1 +
 apps/files_versions/ajax/rollbackVersion.php | 1 +
 apps/files_versions/ajax/togglesettings.php  | 1 +
 3 files changed, 3 insertions(+)

diff --git a/apps/files_versions/ajax/expireAll.php b/apps/files_versions/ajax/expireAll.php
index 4f165be0ae..2a678c7f0a 100644
--- a/apps/files_versions/ajax/expireAll.php
+++ b/apps/files_versions/ajax/expireAll.php
@@ -27,6 +27,7 @@
 // Check user and app status
 OCP\JSON::checkLoggedIn();
 OCP\App::checkAppEnabled('files_versions');
+OCP\JSON::callCheck();
 
 $versions = new OCA_Versions\Storage();
 
diff --git a/apps/files_versions/ajax/rollbackVersion.php b/apps/files_versions/ajax/rollbackVersion.php
index 8d1092f8b8..24d71a914a 100644
--- a/apps/files_versions/ajax/rollbackVersion.php
+++ b/apps/files_versions/ajax/rollbackVersion.php
@@ -1,6 +1,7 @@
 <?php
 
 OCP\JSON::checkAppEnabled('files_versions');
+OCP\JSON::callCheck();
 
 $userDirectory = "/".OCP\USER::getUser()."/files";
 
diff --git a/apps/files_versions/ajax/togglesettings.php b/apps/files_versions/ajax/togglesettings.php
index 86f614c5c8..546b37ae1a 100644
--- a/apps/files_versions/ajax/togglesettings.php
+++ b/apps/files_versions/ajax/togglesettings.php
@@ -2,6 +2,7 @@
 
 OCP\JSON::checkAppEnabled('files_versions');
 OCP\JSON::checkAdminUser();
+OCP\JSON::callCheck();
 if (OCP\Config::getSystemValue('versions', 'true')=='true') {
 	OCP\Config::setSystemValue('versions', 'false');
 } else {
-- 
GitLab