From 77537c157df1ca44a2e8f375c04c31580eb89954 Mon Sep 17 00:00:00 2001
From: cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Sat, 22 Jan 2011 22:33:50 +0000
Subject: testing for the existence of username in pam credentials before using

git-svn-id: http://code.elgg.org/elgg/trunk@7907 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/sessions.php     | 2 +-
 engine/lib/web_services.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'engine/lib')

diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index 4cdc9bcce..eb47f4eb5 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -182,7 +182,7 @@ function authenticate($username, $password) {
  */
 function pam_auth_userpass($credentials = NULL) {
 
-	if (!is_array($credentials) && (!$credentials['username']) && (!$credentials['password'])) {
+	if (!is_array($credentials) || !isset($credentials['username']) || !isset($credentials['password'])) {
 		return false;
 	}
 
diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php
index e529711e1..33f413c5c 100644
--- a/engine/lib/web_services.php
+++ b/engine/lib/web_services.php
@@ -177,7 +177,7 @@ function authenticate_method($method) {
 	}
 
 	$user_pam = new ElggPAM('user');
-	$user_auth_result = $user_pam->authenticate();
+	$user_auth_result = $user_pam->authenticate(array());
 
 	// check if user authentication is required
 	if ($API_METHODS[$method]["require_user_auth"] == true) {
-- 
cgit v1.2.3