gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-10-30 20:51:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

'movefolder' requires a formtoken

Browse Source
This commit is contained in:
Uwe Steinmann 2014-06-04 19:17:08 +02:00
parent c09e650c89
commit e0a49734f0
1 changed files with 20 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
op/op.Ajax.php
View File

@ -182,6 +182,10 @@ switch($command) {
case 'movefolder': /* {{{ */ case 'movefolder': /* {{{ */
if($user) { if($user) {
if(!checkFormKey('movefolder', 'GET')) {
header('Content-Type', 'application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
} else {
$mfolder = $dms->getFolder($_REQUEST['folderid']); $mfolder = $dms->getFolder($_REQUEST['folderid']);
if($mfolder) { if($mfolder) {
if ($mfolder->getAccessMode($user) >= M_READ) { if ($mfolder->getAccessMode($user) >= M_READ) {
@ -211,6 +215,7 @@ switch($command) {
echo json_encode(array('success'=>false, 'message'=>'No folder', 'data'=>'')); echo json_encode(array('success'=>false, 'message'=>'No folder', 'data'=>''));
} }
} }
}
break; /* }}} */ break; /* }}} */
case 'movedocument': /* {{{ */ case 'movedocument': /* {{{ */