From 3f5d4d82e41e020cc971920a5d90aebcbda7c379 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Tue, 20 Jan 2015 12:30:16 +0100
Subject: [PATCH] Streamline auth and CSRF check in scan.php

Furthermore a not logged-in user was able to access this page before which resulted in a Fatal PHP error since the filesystem could not get setup properly.
---
 apps/files/ajax/scan.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/apps/files/ajax/scan.php b/apps/files/ajax/scan.php
index f8977c2971..a85969503c 100644
--- a/apps/files/ajax/scan.php
+++ b/apps/files/ajax/scan.php
@@ -1,11 +1,15 @@
 <?php
 set_time_limit(0); //scanning can take ages
+
+\OCP\JSON::checkLoggedIn();
+\OCP\JSON::callCheck();
+
 \OC::$server->getSession()->close();
 
 $force = (isset($_GET['force']) and ($_GET['force'] === 'true'));
 $dir = isset($_GET['dir']) ? $_GET['dir'] : '';
 if (isset($_GET['users'])) {
-	OC_JSON::checkAdminUser();
+	\OCP\JSON::checkAdminUser();
 	if ($_GET['users'] === 'all') {
 		$users = OC_User::getUsers();
 	} else {