X-Git-Url: https://git.defcon.no/?a=blobdiff_plain;f=api%2Flib%2Fauth_base.php;h=e2ed932ea664be131a388927a827af787482da97;hb=60bf626a9d34dee29c5644a2a5c8c24829c87f13;hp=bb3c26fa411e8931be33454f140ea6f0313d66d6;hpb=49718d337c37e2a3c06d751dc980fe9401277c2a;p=hermes

diff --git a/api/lib/auth_base.php b/api/lib/auth_base.php
index bb3c26f..e2ed932 100644
--- a/api/lib/auth_base.php
+++ b/api/lib/auth_base.php
@@ -73,17 +73,17 @@ function simple_authfail()
 
 function token_auth( )
 {
-	global $_GET;
+	global $_POST;
 
 	// TODO: Part of ping/pong requirement.
 	// Run a function to clear all authkeys older than 5 minutes.
 	expire_authkeys();
 
-	if ( array_key_exists('session', $_GET ) 
-	     && array_key_exists('auth_key', $_GET ) )
+	if ( array_key_exists('session', $_POST ) 
+	     && array_key_exists('auth_key', $_POST ) )
 	{ 
-		if ( ! check_session($_GET['session'] ) ) simple_authfail();
-		if ( ! check_authkey($_GET['auth_key'] ) ) simple_authfail(); 
+		if ( ! check_session($_POST['session'] ) ) simple_authfail();
+		if ( ! check_authkey($_POST['auth_key'] ) ) simple_authfail(); 
 	}
 	else simple_authfail();
 }