diff --git a/apps/calendar/ajax/changeview.php b/apps/calendar/ajax/changeview.php
index ef05c7cd496056582a73f2cbe71af2828e4cada4..ae48b229b164f6be44dbed1664fe37958fc4ed87 100644
--- a/apps/calendar/ajax/changeview.php
+++ b/apps/calendar/ajax/changeview.php
@@ -9,7 +9,16 @@
 require_once ("../../../lib/base.php");
 OC_JSON::checkLoggedIn();
 OC_JSON::checkAppEnabled('calendar');
-$currentview = $_GET["v"];
-OC_Preferences::setValue(OC_USER::getUser(), "calendar", "currentview", $currentview);
+$view = $_GET['v'];
+switch($view){
+	case 'agendaWeek':
+	case 'month';
+	case 'list':
+		break;
+	default:
+		OC_JSON::error(array('message'=>'unexspected parameter: ' . $view));
+		exit;
+}
+OC_Preferences::setValue(OC_USER::getUser(), 'calendar', 'currentview', $view);
 OC_JSON::success();
 ?>