api: properly handle incorrect UID passed to login

2010-07-28 14:32:09 +04:00 · 2010-07-28 14:32:09 +04:00 · a7a9968684
commit a7a9968684
parent 423e6e55d7
1 changed files with 1 additions and 1 deletions
--- a/api/index.php
+++ b/api/index.php
@ -61,7 +61,7 @@
 				$uid = 0;
 			}

-			if (get_pref($link, "ENABLE_API_ACCESS", $uid)) {
+			if ($uid && get_pref($link, "ENABLE_API_ACCESS", $uid)) {
 				if (authenticate_user($link, $login, $password)) {
 					print json_encode(array("session_id" => session_id()));
 				} else {