DontSellMe/richdocuments
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #357 from owncloud/advanced-password

Browse Source 
Check session token
This commit is contained in:
VicDeo 2014-09-08 23:43:12 +03:00
commit 3b70fe07f9
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ajax/sessionController.php
View File

@ -23,6 +23,9 @@ class SessionController extends Controller{
try {
$token = Helper::getArrayValueByKey($args, 'token');
$file = File::getByShareToken($token);
if ($file->isPasswordProtected() && !$file->checkPassword('')){
throw new \Exception('Not authorized');
}
$session = Db\Session::start($uid, $file);
\OCP\JSON::success($session);
} catch (\Exception $e){