Diffstat (limited to 'classes/api.php')
-rwxr-xr-xclasses/api.php21
1 files changed, 10 insertions, 11 deletions
diff --git a/classes/api.php b/classes/api.php
index 18f9c83b5..a0ee773c1 100755
--- a/classes/api.php
+++ b/classes/api.php
@@ -36,7 +36,7 @@ class API extends Handler {
return false;
}
- if (!empty($_SESSION["uid"]) && $method != "logout" && !get_pref('ENABLE_API_ACCESS')) {
+ if (!empty($_SESSION["uid"]) && $method != "logout" && !get_pref(Prefs::ENABLE_API_ACCESS)) {
$this->_wrap(self::STATUS_ERR, array("error" => self::E_API_DISABLED));
return false;
}
@@ -59,25 +59,24 @@ class API extends Handler {
}
function login() {
- @session_destroy();
- @session_start();
+
+ if (session_status() == PHP_SESSION_ACTIVE) {
+ session_destroy();
+ }
+
+ session_start();
$login = clean($_REQUEST["user"]);
$password = clean($_REQUEST["password"]);
- $password_base64 = base64_decode(clean($_REQUEST["password"]));
if (Config::get(Config::SINGLE_USER_MODE)) $login = "admin";
if ($uid = UserHelper::find_user_by_login($login)) {
- if (get_pref("ENABLE_API_ACCESS", $uid)) {
- if (UserHelper::authenticate($login, $password, false, Auth_Base::AUTH_SERVICE_API)) { // try login with normal password
+ if (get_pref(Prefs::ENABLE_API_ACCESS, $uid)) {
+ if (UserHelper::authenticate($login, $password, false, Auth_Base::AUTH_SERVICE_API)) {
$this->_wrap(self::STATUS_OK, array("session_id" => session_id(),
"api_level" => self::API_LEVEL));
- } else if (UserHelper::authenticate($login, $password_base64, false, Auth_Base::AUTH_SERVICE_API)) { // else try with base64_decoded password
- $this->_wrap(self::STATUS_OK, array("session_id" => session_id(),
- "api_level" => self::API_LEVEL));
- } else { // else we are not logged in
- user_error("Failed login attempt for $login from " . UserHelper::get_user_ip(), E_USER_WARNING);
+ } else {
$this->_wrap(self::STATUS_ERR, array("error" => self::E_LOGIN_ERROR));
}
} else {
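Review bot: After `UserHelper::authenticate` succeeds, the `_wrap(self::STATUS_OK, ...)` branch returns `session_id()` without regenerating it, and the new `session_destroy()`/`session_start()` pair above does not change which ID is used — if `session_start()` picked up an ID supplied by the client, the caller ends up authenticated under that pre-chosen ID (session fixation). Unless `authenticate()` regenerates the ID internally, add `session_regenerate_id(true);` immediately before the success `_wrap` so the returned `session_id` is fresh. Separately, the new `else` branch drops the `user_error("Failed login attempt for $login from " . UserHelper::get_user_ip(), E_USER_WARNING);` that the removed lines emitted, so failed API logins no longer leave a log trace for brute-force detection or fail2ban-style tooling; keep that line unless `authenticate()` now logs the failure itself. The body of `login()` continues past the end of this hunk.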