diff options
| -rw-r--r-- | engine/lib/sessions.php | 2 | ||||
| -rw-r--r-- | engine/lib/web_services.php | 2 | ||||
| -rw-r--r-- | mod/uservalidationbyemail/start.php | 5 |
3 files changed, 6 insertions, 3 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php index 4cdc9bcce..eb47f4eb5 100644 --- a/engine/lib/sessions.php +++ b/engine/lib/sessions.php @@ -182,7 +182,7 @@ function authenticate($username, $password) { */ function pam_auth_userpass($credentials = NULL) { - if (!is_array($credentials) && (!$credentials['username']) && (!$credentials['password'])) { + if (!is_array($credentials) || !isset($credentials['username']) || !isset($credentials['password'])) { return false; } diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php index e529711e1..33f413c5c 100644 --- a/engine/lib/web_services.php +++ b/engine/lib/web_services.php @@ -177,7 +177,7 @@ function authenticate_method($method) { } $user_pam = new ElggPAM('user'); - $user_auth_result = $user_pam->authenticate(); + $user_auth_result = $user_pam->authenticate(array()); // check if user authentication is required if ($API_METHODS[$method]["require_user_auth"] == true) { diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php index 9d4233f37..d04adcf4d 100644 --- a/mod/uservalidationbyemail/start.php +++ b/mod/uservalidationbyemail/start.php @@ -122,8 +122,11 @@ function uservalidationbyemail_allow_new_user_can_edit($hook, $type, $value, $pa */ function uservalidationbyemail_check_auth_attempt($credentials) { + if (!isset($credentials['username'])) { + return; + } + $username = $credentials['username']; - $password = $credentials['password']; // See if the user exists and isn't validated $access_status = access_get_show_hidden_status(); |