aboutsummaryrefslogtreecommitdiff
path: root/engine
diff options
context:
space:
mode:
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-09-24 18:35:47 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-09-24 18:35:47 +0000
commit4426b6fb5631d430fcac0664a8d011e8ef1e3558 (patch)
tree5fc29c6fe2fbeeff9cecb29b569ae5ea06dc7f36 /engine
parentcb6bac059f98b6f4a67c6bfb92a4e1cc5e4f359e (diff)
downloadelgg-4426b6fb5631d430fcac0664a8d011e8ef1e3558.tar.gz
elgg-4426b6fb5631d430fcac0664a8d011e8ef1e3558.tar.bz2
auth_token api call now functional
git-svn-id: https://code.elgg.org/elgg/trunk@2121 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine')
-rw-r--r--engine/lib/api.php8
1 files changed, 6 insertions, 2 deletions
diff --git a/engine/lib/api.php b/engine/lib/api.php
index c87b67b32..191051b47 100644
--- a/engine/lib/api.php
+++ b/engine/lib/api.php
@@ -294,9 +294,13 @@
global $CONFIG;
$site = $CONFIG->site_id;
- $token = md5(mt_rand(). microtime() . $username . $password);
+ $user = get_user_by_username($username);
+ $time = time();
+ $token = md5(rand(). microtime() . $username . $password . $time . $site);
+
+ if (!$user) return false;
- if (insert_data("INSERT into {$CONFIG->dbprefix}users_apisessions (user_guid, site_guid, token, expires) values () on duplicate key update token='$token'"))
+ if (insert_data("INSERT into {$CONFIG->dbprefix}users_apisessions (user_guid, site_guid, token, expires) values ({$user->guid}, $site, '$token', '$time') on duplicate key update token='$token'"))
return $token;
return false;