diff options
| author | thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2009-07-21 16:02:33 +0000 |
|---|---|---|
| committer | thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2009-07-21 16:02:33 +0000 |
| commit | 06a746b43a418a501e67b47242499a1acd2ba848 (patch) | |
| tree | 8784a3591ac99529265558853d975d30967156b9 /roundcubemail/program/steps/addressbook | |
| parent | de9304fe9b1c3fce460ca79395becefa382ba134 (diff) | |
Use global request tokens and automatically protect all POST requests
git-svn-id: https://svn.roundcube.net/trunk@2778 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/program/steps/addressbook')
| -rw-r--r-- | roundcubemail/program/steps/addressbook/save.inc | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/roundcubemail/program/steps/addressbook/save.inc b/roundcubemail/program/steps/addressbook/save.inc index 45cb6387e..639e0f2d1 100644 --- a/roundcubemail/program/steps/addressbook/save.inc +++ b/roundcubemail/program/steps/addressbook/save.inc @@ -5,7 +5,7 @@ | program/steps/addressbook/save.inc | | | | This file is part of the RoundCube Webmail client | - | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland | + | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland | | Licensed under the GNU GPL | | | | PURPOSE: | @@ -22,14 +22,6 @@ $cid = get_input_value('_cid', RCUBE_INPUT_POST); $return_action = empty($cid) ? 'add' : 'show'; -// check request token and exit if invalid -if (!$RCMAIL->check_request('save.'.intval($cid), RCUBE_INPUT_POST)) -{ - $OUTPUT->show_message('invalidrequest', 'error'); - rcmail_overwrite_action($return_action); - return; -} - // cannot edit record if ($CONTACTS->readonly) { |