diff options
| author | Brett Profitt <brett.profitt@gmail.com> | 2012-04-24 15:27:47 -0700 |
|---|---|---|
| committer | Brett Profitt <brett.profitt@gmail.com> | 2012-04-24 15:27:47 -0700 |
| commit | 23f5e53a41c763b4253dcba797c23b7c39b6ef41 (patch) | |
| tree | 2d44f91d211665b9662861f889ac4352f9a7e8c7 /engine/lib/web_services.php | |
| parent | ec474c8f70406149ec515a0e09020ecd1b5292ec (diff) | |
| download | elgg-23f5e53a41c763b4253dcba797c23b7c39b6ef41.tar.gz elgg-23f5e53a41c763b4253dcba797c23b7c39b6ef41.tar.bz2 | |
Fixed problem in web services where users with incorrect passwords could gain an access token.
Diffstat (limited to 'engine/lib/web_services.php')
| -rw-r--r-- | engine/lib/web_services.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php index 07be76ec6..da3ed76a9 100644 --- a/engine/lib/web_services.php +++ b/engine/lib/web_services.php @@ -1165,7 +1165,7 @@ function list_all_apis() { * @access private */ function auth_gettoken($username, $password) { - if (elgg_authenticate($username, $password)) { + if (true === elgg_authenticate($username, $password)) { $token = create_user_token($username); if ($token) { return $token; |