From 3a216db45c510f2601fcdb3b879e2e20dce63dd5 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@bah.org.ru>
Date: Wed, 16 Dec 2009 14:36:59 +0300
Subject: add per-user option to enable access to API

---
 api/index.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'api')

diff --git a/api/index.php b/api/index.php
index ff8c70f58..90ca5405c 100644
--- a/api/index.php
+++ b/api/index.php
@@ -44,11 +44,10 @@
 		return;
 	}
 
-/*	TODO: add pref key to disable/enable API
-	if ($_SESSION["uid"] && !get_pref($link, 'API_ENABLED')) {
+	if ($_SESSION["uid"] && $op != "logout" && !get_pref($link, 'ENABLE_API_ACCESS')) {
 		print json_encode(array("error" => 'API_DISABLED'));
 		return;
-	} */
+	} 
 
 	switch ($op) {
 		case "getVersion":
@@ -62,7 +61,7 @@
 			if (authenticate_user($link, $login, $password)) {
 				print json_encode(array("uid" => $_SESSION["uid"]));
 			} else {
-				print json_encode(array("uid" => 0));
+				print json_encode(array("error" => "LOGIN_ERROR"));
 			}
 
 			break;
-- 
cgit v1.2.3