diff options
author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-09-24 18:35:47 +0000 |
---|---|---|
committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-09-24 18:35:47 +0000 |
commit | 4426b6fb5631d430fcac0664a8d011e8ef1e3558 (patch) | |
tree | 5fc29c6fe2fbeeff9cecb29b569ae5ea06dc7f36 /engine | |
parent | cb6bac059f98b6f4a67c6bfb92a4e1cc5e4f359e (diff) | |
download | elgg-4426b6fb5631d430fcac0664a8d011e8ef1e3558.tar.gz elgg-4426b6fb5631d430fcac0664a8d011e8ef1e3558.tar.bz2 |
auth_token api call now functional
git-svn-id: https://code.elgg.org/elgg/trunk@2121 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine')
-rw-r--r-- | engine/lib/api.php | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/engine/lib/api.php b/engine/lib/api.php index c87b67b32..191051b47 100644 --- a/engine/lib/api.php +++ b/engine/lib/api.php @@ -294,9 +294,13 @@ global $CONFIG; $site = $CONFIG->site_id; - $token = md5(mt_rand(). microtime() . $username . $password); + $user = get_user_by_username($username); + $time = time(); + $token = md5(rand(). microtime() . $username . $password . $time . $site); + + if (!$user) return false; - if (insert_data("INSERT into {$CONFIG->dbprefix}users_apisessions (user_guid, site_guid, token, expires) values () on duplicate key update token='$token'")) + if (insert_data("INSERT into {$CONFIG->dbprefix}users_apisessions (user_guid, site_guid, token, expires) values ({$user->guid}, $site, '$token', '$time') on duplicate key update token='$token'")) return $token; return false; |