summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZach Copley <zach@status.net>2010-03-26 18:51:01 +0000
committerZach Copley <zach@status.net>2010-03-26 19:58:59 +0000
commit60009227f724e67b0205ae9eb77306107f2e4681 (patch)
tree1b203dc0e8854be22d07b8af620cdc1fc4858dfa
parent766cf99f211f3d3c20bbe0c94464a5c7c47d6597 (diff)
Return an http auth error, when a client sends in an invalid auth user, even when http auth is not required.
-rw-r--r--lib/apiauth.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/apiauth.php b/lib/apiauth.php
index 17f803a1c..e78de618e 100644
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -267,7 +267,7 @@ class ApiAuthAction extends ApiAction
$this->access = self::READ_WRITE;
- if (empty($this->auth_user) && $required) {
+ if (empty($this->auth_user) && ($required || isset($_SERVER['PHP_AUTH_USER']))) {
// basic authentication failed