lib/kolab_api_controller.php
Aleksander Machniak
machniak at kolabsys.com
Fri Feb 24 12:07:58 CET 2012
lib/kolab_api_controller.php | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
New commits:
commit 4dbe52463e30dd28998c22ae0ed44cb1c7f21272
Author: Aleksander Machniak <alec at alec.pl>
Date: Fri Feb 24 12:04:54 2012 +0100
Session validation is redundant in system.configure, removed
diff --git a/lib/kolab_api_controller.php b/lib/kolab_api_controller.php
index b9885ca..c0e36b6 100644
--- a/lib/kolab_api_controller.php
+++ b/lib/kolab_api_controller.php
@@ -134,8 +134,9 @@ class kolab_api_controller
$postdata = @json_decode($postdata, true);
console("Calling method " . $method . " on service " . $service);
+
// validate user session
- if ($method != 'authenticate') {
+ if ($service != 'system' || $method != 'authenticate') {
if (!$this->session_validate($postdata)) {
throw new Exception("Invalid session", 403);
}
@@ -363,10 +364,6 @@ class kolab_api_controller
*/
private function configure($request, $postdata)
{
- if (!$this->session_validate($postdata)) {
- return false;
- }
-
$result = array();
foreach ($postdata as $key => $value) {
More information about the commits
mailing list