From 086c820cdcab834fe252ff2e76fa84afd491a3f2 Mon Sep 17 00:00:00 2001
From: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Wed, 24 Sep 2008 13:22:43 +0000
Subject: Will now handle banned users

git-svn-id: https://code.elgg.org/elgg/trunk@2110 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/api.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/engine/lib/api.php b/engine/lib/api.php
index a44a4fc72..3b84e9341 100644
--- a/engine/lib/api.php
+++ b/engine/lib/api.php
@@ -749,8 +749,11 @@
 		
 		$validated_userid = validate_user_token($CONFIG->site_id, $token); 
 		
-		if ($validated_userid)
-			login(get_entity($validated_userid));
+		if ($validated_userid) {
+			$u = get_entity($validated_userid);
+			if (!$u) return false; // Could we get the user?
+			if (!login($u)) return false; // Fail if we couldn't log the user in (likely means they were banned).
+		}
 		
 		if ((!$METHODS[$method]["require_auth_token"]) || ($validated_userid) || (isloggedin()))
 			return true;
-- 
cgit v1.2.3