]> git.defcon.no Git - hermes/blobdiff - api/lib/auth_base.php
git.defcon.no / hermes / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Changed from GET to POST on all parameter passing. Fixed a nasty bug in previous...
[hermes] / api / lib / auth_base.php
diff --git a/api/lib/auth_base.php b/api/lib/auth_base.php
index bb3c26fa411e8931be33454f140ea6f0313d66d6..e2ed932ea664be131a388927a827af787482da97 100644 (file)
--- a/api/lib/auth_base.php
+++ b/api/lib/auth_base.php
@@ -73,17 +73,17 @@ function simple_authfail()
 
 function token_auth( )
 {
-       global $_GET;
+       global $_POST;
 
        // TODO: Part of ping/pong requirement.
        // Run a function to clear all authkeys older than 5 minutes.
        expire_authkeys();
 
-       if ( array_key_exists('session', $_GET ) 
-            && array_key_exists('auth_key', $_GET ) )
+       if ( array_key_exists('session', $_POST ) 
+            && array_key_exists('auth_key', $_POST ) )
        { 
-               if ( ! check_session($_GET['session'] ) ) simple_authfail();
-               if ( ! check_authkey($_GET['auth_key'] ) ) simple_authfail(); 
+               if ( ! check_session($_POST['session'] ) ) simple_authfail();
+               if ( ! check_authkey($_POST['auth_key'] ) ) simple_authfail(); 
        }
        else simple_authfail();
 }
Hermes is a framework for managing a Kamailio SIP VoIP infrastructure.