diff options
| author | Andrew Dolgov <[email protected]> | 2011-04-13 14:18:33 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2011-04-13 14:18:33 +0400 |
| commit | bdea432bbb1111b685cd060423c9ec44c809d0cb (patch) | |
| tree | 0a267890d5a82c5836d7aaca272b23d0e378e3e6 /api | |
| parent | 347b467be566aee56e5f94a0b1fa145e3099439b (diff) | |
api/login: properly return LOGIN_ERROR when passed an invalid username
Diffstat (limited to 'api')
| -rw-r--r-- | api/index.php | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/api/index.php b/api/index.php index 7819095da..6b47d8122 100644 --- a/api/index.php +++ b/api/index.php @@ -80,7 +80,13 @@ $uid = 0; } - if ($uid && get_pref($link, "ENABLE_API_ACCESS", $uid)) { + if (!$uid) { + print api_wrap_reply(API_STATUS_ERR, $seq, + array("error" => "LOGIN_ERROR")); + return; + } + + if (get_pref($link, "ENABLE_API_ACCESS", $uid)) { if (authenticate_user($link, $login, $password)) { // try login with normal password print api_wrap_reply(API_STATUS_OK, $seq, array("session_id" => session_id())); |