GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

A blank username should never be allowed.

Browse Source
This commit is contained in:
Zach Copley 2010-03-10 03:39:05 +00:00
parent 60e0f04261
commit 7f2253759c
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/apiauth.php
View File

@ -241,7 +241,7 @@ class ApiAuthAction extends ApiAction
$realm = common_config('site', 'name') . ' API'; $realm = common_config('site', 'name') . ' API';
} }
if (!isset($this->auth_user_nickname) && $required) { if (empty($this->auth_user_nickname) && $required) {
header('WWW-Authenticate: Basic realm="' . $realm . '"'); header('WWW-Authenticate: Basic realm="' . $realm . '"');
// show error if the user clicks 'cancel' // show error if the user clicks 'cancel'

5
lib/util.php
View File

@ -159,6 +159,11 @@ function common_munge_password($password, $id)
function common_check_user($nickname, $password) function common_check_user($nickname, $password)
{ {
// empty nickname always unacceptable
if (empty($nickname)) {
return false;
}
$authenticatedUser = false; $authenticatedUser = false;
if (Event::handle('StartCheckPassword', array($nickname, $password, &$authenticatedUser))) { if (Event::handle('StartCheckPassword', array($nickname, $password, &$authenticatedUser))) {