public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 22:15:56 +00:00
Code Issues Releases Wiki Activity

api: forbid login when api is disabled

Browse Source
This commit is contained in:
Andrew Dolgov
2009-12-16 14:49:33 +03:00
parent 3a216db45c
commit 4cdd0d7ca3
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
api/index.php
View File

@@ -58,11 +58,16 @@
$login = db_escape_string($_REQUEST["user"]); $login = db_escape_string($_REQUEST["user"]);
$password = db_escape_string($_REQUEST["password"]); $password = db_escape_string($_REQUEST["password"]);
if (get_pref($link, "ENABLE_API_ACCESS", $login)) {
if (authenticate_user($link, $login, $password)) { if (authenticate_user($link, $login, $password)) {
print json_encode(array("uid" => $_SESSION["uid"])); print json_encode(array("uid" => $_SESSION["uid"]));
} else { } else {
print json_encode(array("error" => "LOGIN_ERROR")); print json_encode(array("error" => "LOGIN_ERROR"));
} }
} else {
logout_user();
print json_encode(array("error" => "API_DISABLED"));
}
break; break;
case "logout": case "logout":