DontSellMe
/
richdocuments
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check session token

Browse Source
pull/1/head
Victor Dubiniuk 10 years ago
parent 8ae21d491a
commit 3934f6a663
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File

3
ajax/sessionController.php
Unescape Escape View File

@ -23,6 +23,9 @@ class SessionController extends Controller{
try { try {
$token = Helper::getArrayValueByKey($args, 'token'); $token = Helper::getArrayValueByKey($args, 'token');
$file = File::getByShareToken($token); $file = File::getByShareToken($token);
if ($file->isPasswordProtected() && !$file->checkPassword('')){
throw new \Exception('Not authorized');
}
$session = Db\Session::start($uid, $file); $session = Db\Session::start($uid, $file);
\OCP\JSON::success($session); \OCP\JSON::success($session);
} catch (\Exception $e){ } catch (\Exception $e){

2
lib/file.php
Unescape Escape View File

@ -95,7 +95,7 @@ class File {
public function isPasswordProtected(){ public function isPasswordProtected(){
return $this->passwordProtected; return $this->passwordProtected;
} }
public function checkPassword($password){ public function checkPassword($password){
$shareId = $this->getShareId(); $shareId = $this->getShareId();
if (!$this->isPasswordProtected() if (!$this->isPasswordProtected()

Write Preview
Loading…
Cancel
Save