Remove CSRF protection from username/password login and from OpenID login.

[quix0rs-gnu-social.git] / actions / apidirectmessagenew.php

diff --git a/actions/apidirectmessagenew.php b/actions/apidirectmessagenew.php
index b9ac92d77bfc01bb91f87ec67ddde184b48f8347..65d065648ff0337483a3fd5add842546b2133230 100644 (file)
--- a/actions/apidirectmessagenew.php
+++ b/actions/apidirectmessagenew.php
@@ -52,7 +52,6 @@ require_once INSTALLDIR . '/lib/apiauth.php';
 
 class ApiDirectMessageNewAction extends ApiAuthAction
 {
-    var $source  = null;
     var $other   = null;
     var $content = null;
 
@@ -76,13 +75,6 @@ class ApiDirectMessageNewAction extends ApiAuthAction
             return;
         }
 
-        $this->source = $this->trimmed('source'); // Not supported by Twitter.
-
-        $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api');
-        if (empty($this->source) || in_array($this->source, $reserved_sources)) {
-            $source = 'api';
-        }
-
         $this->content = $this->trimmed('text');
 
         $this->user  = $this->auth_user;