diff options
Diffstat (limited to 'engine/lib/api.php')
-rw-r--r-- | engine/lib/api.php | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/engine/lib/api.php b/engine/lib/api.php index ed77fe162..933b718e8 100644 --- a/engine/lib/api.php +++ b/engine/lib/api.php @@ -627,15 +627,12 @@ $method = get_input('method'); $token = get_input('token'); - if (($method) && ($token)) - { - $validated_userid = validate_user_token($CONFIG->site_id, $token); - - if ((!$METHODS[$method]["require_auth_token"]) || ($validated_userid) || (isloggedin())) - return true; - else - throw new SecurityException(elgg_echo('SecurityException:AuthTokenExpired'), GenericResult::$RESULT_FAIL_AUTHTOKEN); - } + $validated_userid = validate_user_token($CONFIG->site_id, $token); + + if ((!$METHODS[$method]["require_auth_token"]) || ($validated_userid) || (isloggedin())) + return true; + else + throw new SecurityException(elgg_echo('SecurityException:AuthTokenExpired'), GenericResult::$RESULT_FAIL_AUTHTOKEN); return false; } |