adam/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-06-02 04:15:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

fixes #1356 pwg.images.uploadAsync, move auth code to inc/user.inc.php

Browse Source 
In order to avoid loading user context as "guest" and then wait to be in ws_images_uploadAsync function to authenticate and load a new user context. This way we deal with "automatic" authentication in the same place (as apache auth or url auth) and we use the more common user context loading mecanism. Making Community compatible is now much easier.

To avoid duplicating too many lines of ws.php into inc/user.inc.php, I have moved the init of ws.php into inc/ws_init.inc.php
This commit is contained in:
plegall
2021-10-07 14:53:27 +02:00
parent 5803c76f4d
commit 8effbe8e95
4 changed files with 90 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/user.inc.php
+16
View File
@@ -56,6 +56,22 @@ if (isset($_GET['auth']))
auth_key_login($_GET['auth']);
}
if (
defined('IN_WS')
and isset($_REQUEST['method'])
and 'pwg.images.uploadAsync' == $_REQUEST['method']
and isset($_POST['username'])
and isset($_POST['password'])
)
{
if (!try_log_user($_POST['username'], $_POST['password'], false))
{
include_once(PHPWG_ROOT_PATH.'include/ws_init.inc.php');
$service->sendResponse(new PwgError(999, 'Invalid username/password'));
exit();
}
}
$user = build_user( $user['id'],
( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
);