fixes #2436 refactor async upload authentication

Replaces direct login check with ws_session_login for 'pwg.images.uploadAsync' and updates error handling to return the login response. Also updates the web service method definition to make username and password optional and clarifies admin credential requirements in the documentation.
This commit is contained in:
Linty
2025-11-13 13:04:22 +01:00
parent 17829fdc52
commit c257866d71
2 changed files with 15 additions and 6 deletions
+12 -3
View File
@@ -102,10 +102,19 @@ if (
and isset($_POST['password'])
)
{
if (!try_log_user($_POST['username'], $_POST['password'], false))
include_once(PHPWG_ROOT_PATH.'include/ws_init.inc.php');
include_once(PHPWG_ROOT_PATH.'include/ws_functions/pwg.php');
$credentials = array(
'username' => $_POST['username'],
'password' => $_POST['password']
);
$login = ws_session_login($credentials, $service);
if (true !== $login)
{
include_once(PHPWG_ROOT_PATH.'include/ws_init.inc.php');
$service->sendResponse(new PwgError(999, 'Invalid username/password'));
$service->sendResponse($login);
exit();
}
$_SESSION['connected_with'] = 'pwg.images.uploadAsync';