DontSellMe/richdocuments
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #357 from owncloud/advanced-password

Browse Source 
Check session token
This commit is contained in:
VicDeo 2014-09-08 23:43:12 +03:00
commit 3b70fe07f9
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ajax/sessionController.php
View File

@ -23,6 +23,9 @@ class SessionController extends Controller{
try { try {
$token = Helper::getArrayValueByKey($args, 'token'); $token = Helper::getArrayValueByKey($args, 'token');
$file = File::getByShareToken($token); $file = File::getByShareToken($token);
if ($file->isPasswordProtected() && !$file->checkPassword('')){
throw new \Exception('Not authorized');
}
$session = Db\Session::start($uid, $file); $session = Db\Session::start($uid, $file);
\OCP\JSON::success($session); \OCP\JSON::success($session);
} catch (\Exception $e){ } catch (\Exception $e){

2
lib/file.php
View File

@ -95,7 +95,7 @@ class File {
public function isPasswordProtected(){ public function isPasswordProtected(){
return $this->passwordProtected; return $this->passwordProtected;
} }
public function checkPassword($password){ public function checkPassword($password){
$shareId = $this->getShareId(); $shareId = $this->getShareId();
if (!$this->isPasswordProtected() if (!$this->isPasswordProtected()