mirror of
https://github.com/Piwigo/Piwigo.git
synced 2026-07-04 17:02:17 +02:00
fixes #2436 refactor async upload authentication
Replaces direct login check with ws_session_login for 'pwg.images.uploadAsync' and updates error handling to return the login response. Also updates the web service method definition to make username and password optional and clarifies admin credential requirements in the documentation.
This commit is contained in:
+12
-3
@@ -102,10 +102,19 @@ if (
|
||||
and isset($_POST['password'])
|
||||
)
|
||||
{
|
||||
if (!try_log_user($_POST['username'], $_POST['password'], false))
|
||||
include_once(PHPWG_ROOT_PATH.'include/ws_init.inc.php');
|
||||
include_once(PHPWG_ROOT_PATH.'include/ws_functions/pwg.php');
|
||||
|
||||
$credentials = array(
|
||||
'username' => $_POST['username'],
|
||||
'password' => $_POST['password']
|
||||
);
|
||||
|
||||
$login = ws_session_login($credentials, $service);
|
||||
|
||||
if (true !== $login)
|
||||
{
|
||||
include_once(PHPWG_ROOT_PATH.'include/ws_init.inc.php');
|
||||
$service->sendResponse(new PwgError(999, 'Invalid username/password'));
|
||||
$service->sendResponse($login);
|
||||
exit();
|
||||
}
|
||||
$_SESSION['connected_with'] = 'pwg.images.uploadAsync';
|
||||
|
||||
Reference in New Issue
Block a user