From: Andrew Dolgov <fox@bah.org.ru>
Date: Wed, 28 Jul 2010 10:32:09 +0000 (+0400)
Subject: api: properly handle incorrect UID passed to login
X-Git-Tag: 1.4.3-proper~15
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=a7a9968684dca544e46e6da5338c9a452b1d8f24;hp=423e6e55d7c022e1efa1f171fd5c09caf8f01518;p=tt-rss.git

api: properly handle incorrect UID passed to login
---

diff --git a/api/index.php b/api/index.php
index 64e9741a..8d69e1a7 100644
--- a/api/index.php
+++ b/api/index.php
@@ -61,7 +61,7 @@
 				$uid = 0;
 			}
 
-			if (get_pref($link, "ENABLE_API_ACCESS", $uid)) {
+			if ($uid && get_pref($link, "ENABLE_API_ACCESS", $uid)) {
 				if (authenticate_user($link, $login, $password)) {
 					print json_encode(array("session_id" => session_id()));
 				} else {