summaryrefslogtreecommitdiff
path: root/program/steps
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps')
-rw-r--r--program/steps/addressbook/save.inc10
-rw-r--r--program/steps/settings/save_identity.inc8
-rw-r--r--program/steps/settings/save_prefs.inc9
3 files changed, 3 insertions, 24 deletions
diff --git a/program/steps/addressbook/save.inc b/program/steps/addressbook/save.inc
index 45cb6387e..639e0f2d1 100644
--- a/program/steps/addressbook/save.inc
+++ b/program/steps/addressbook/save.inc
@@ -5,7 +5,7 @@
| program/steps/addressbook/save.inc |
| |
| This file is part of the RoundCube Webmail client |
- | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland |
+ | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
@@ -22,14 +22,6 @@
$cid = get_input_value('_cid', RCUBE_INPUT_POST);
$return_action = empty($cid) ? 'add' : 'show';
-// check request token and exit if invalid
-if (!$RCMAIL->check_request('save.'.intval($cid), RCUBE_INPUT_POST))
-{
- $OUTPUT->show_message('invalidrequest', 'error');
- rcmail_overwrite_action($return_action);
- return;
-}
-
// cannot edit record
if ($CONTACTS->readonly)
{
diff --git a/program/steps/settings/save_identity.inc b/program/steps/settings/save_identity.inc
index 86ff263d2..d36114cd0 100644
--- a/program/steps/settings/save_identity.inc
+++ b/program/steps/settings/save_identity.inc
@@ -5,7 +5,7 @@
| program/steps/settings/save_identity.inc |
| |
| This file is part of the RoundCube Webmail client |
- | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland |
+ | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
@@ -26,12 +26,6 @@ $a_html_cols = array('signature');
$a_boolean_cols = array('standard', 'html_signature');
$updated = $default_id = false;
-// check request token
-if (!$RCMAIL->check_request('save-identity.'.intval(get_input_value('_iid', RCUBE_INPUT_POST)), RCUBE_INPUT_POST)) {
- $OUTPUT->show_message('invalidrequest', 'error');
- rcmail_overwrite_action('identities');
- return;
-}
// check input
if (empty($_POST['_name']) || (empty($_POST['_email']) && IDENTITIES_LEVEL != 1 && IDENTITIES_LEVEL != 3))
{
diff --git a/program/steps/settings/save_prefs.inc b/program/steps/settings/save_prefs.inc
index 7444a8b53..8430ffd88 100644
--- a/program/steps/settings/save_prefs.inc
+++ b/program/steps/settings/save_prefs.inc
@@ -5,7 +5,7 @@
| program/steps/settings/save_prefs.inc |
| |
| This file is part of the RoundCube Webmail client |
- | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland |
+ | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
@@ -19,13 +19,6 @@
*/
-// check request token and exit if invalid
-if (!$RCMAIL->check_request('save-prefs', RCUBE_INPUT_POST)) {
- $OUTPUT->show_message('invalidrequest', 'error');
- rcmail_overwrite_action('preferences');
- return;
-}
-
$a_user_prefs = array(
'language' => isset($_POST['_language']) ? get_input_value('_language', RCUBE_INPUT_POST) : $CONFIG['language'],
'timezone' => isset($_POST['_timezone']) ? (is_numeric($_POST['_timezone']) ? floatval($_POST['_timezone']) : get_input_value('_timezone', RCUBE_INPUT_POST)) : $CONFIG['timezone'],