fixes #2436 refactor async upload authentication

Replaces direct login check with ws_session_login for 'pwg.images.uploadAsync' and updates error handling to return the login response. Also updates the web service method definition to make username and password optional and clarifies admin credential requirements in the documentation.

include/user.inc.php

@@ -102,10 +102,19 @@ if (
   and isset($_POST['password'])
 )
 {
-  if (!try_log_user($_POST['username'], $_POST['password'], false))
+  include_once(PHPWG_ROOT_PATH.'include/ws_init.inc.php');
+  include_once(PHPWG_ROOT_PATH.'include/ws_functions/pwg.php');
+
+  $credentials = array(
+    'username' => $_POST['username'],
+    'password' => $_POST['password']
+  );
+
+  $login = ws_session_login($credentials, $service);
+  
+  if (true !== $login)
   {
-    include_once(PHPWG_ROOT_PATH.'include/ws_init.inc.php');
-    $service->sendResponse(new PwgError(999, 'Invalid username/password'));
+    $service->sendResponse($login);
     exit();
   }
   $_SESSION['connected_with'] = 'pwg.images.uploadAsync';

ws.php

@@ -517,8 +517,8 @@ function ws_addDefaultMethods( $arr )
     'pwg.images.uploadAsync',
     'ws_images_uploadAsync',
     array(
-        'username' => array(),
-        'password' => array('default'=>null),
+        'username' => array('flags'=>WS_PARAM_OPTIONAL),
+        'password' => array('default'=>null, 'flags'=>WS_PARAM_OPTIONAL),
         'chunk' => array('type'=>WS_TYPE_INT|WS_TYPE_POSITIVE),
         'chunk_sum' => array(),
         'chunks' => array('type'=>WS_TYPE_INT|WS_TYPE_POSITIVE),
@@ -538,7 +538,7 @@ function ws_addDefaultMethods( $arr )
 <br>Start with chunk 0 (zero).
 <br>Set the form encoding to "form-data".
 <br>You can update an existing photo if you define an existing image_id.
-<br>Requires <b>admin</b> credentials.',
+<br>Requires <b>admin</b> credentials: either with username/password or header authorization with api key.',
       $ws_functions_root . 'pwg.images.php',
       array('admin_only'=>true, 'post_only'=>true)
     );