From 0bafa78beef842b9356caf663634d09134377c99 Mon Sep 17 00:00:00 2001
From: Daniel Dimitrov <daniel@compojoom.com>
Date: Fri, 29 Jun 2012 16:37:05 +0200
Subject: [PATCH] protecting the form with a token

---
 .../components/com_jedchecker/controllers/uploads.php           | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/source/administrator/components/com_jedchecker/controllers/uploads.php b/source/administrator/components/com_jedchecker/controllers/uploads.php
index dc9c9c2..31191cb 100644
--- a/source/administrator/components/com_jedchecker/controllers/uploads.php
+++ b/source/administrator/components/com_jedchecker/controllers/uploads.php
@@ -28,6 +28,7 @@ class jedcheckerControllerUploads extends JController
      */
     public function upload()
     {
+        JRequest::checkToken() or die( 'Invalid Token' );
         $appl = JFactory::getApplication();
         $file = JRequest::getVar('extension', '', 'files', 'array');
         if ($file['tmp_name']) {
@@ -71,6 +72,7 @@ class jedcheckerControllerUploads extends JController
      */
     public function unzip()
     {
+        JRequest::checkToken() or die( 'Invalid Token' );
         $appl = JFactory::getApplication();
         // if folder doesn't exist - create it!
         if(!JFolder::exists($this->pathUnzipped)) {