|
|
@ -9,6 +9,10 @@
|
|
|
|
* Mobile app API
|
|
|
|
* Mobile app API
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// The name of the permission needed to log in.
|
|
|
|
|
|
|
|
// Set to null if you don't need it.
|
|
|
|
|
|
|
|
$access_permission = "ADMIN";
|
|
|
|
|
|
|
|
|
|
|
|
require __DIR__ . "/../required.php";
|
|
|
|
require __DIR__ . "/../required.php";
|
|
|
|
|
|
|
|
|
|
|
|
require __DIR__ . "/../lib/login.php";
|
|
|
|
require __DIR__ . "/../lib/login.php";
|
|
|
@ -93,9 +97,9 @@ switch ($VARS['action']) {
|
|
|
|
if (user_exists($VARS['username'])) {
|
|
|
|
if (user_exists($VARS['username'])) {
|
|
|
|
if (get_account_status($VARS['username']) == "NORMAL") {
|
|
|
|
if (get_account_status($VARS['username']) == "NORMAL") {
|
|
|
|
if (authenticate_user($VARS['username'], $VARS['password'], $autherror)) {
|
|
|
|
if (authenticate_user($VARS['username'], $VARS['password'], $autherror)) {
|
|
|
|
if (account_has_permission($VARS['username'], "ADMIN")) {
|
|
|
|
if (is_null($access_permission) || account_has_permission($VARS['username'], $access_permission)) {
|
|
|
|
doLoginUser($VARS['username'], $VARS['password']);
|
|
|
|
doLoginUser($VARS['username'], $VARS['password']);
|
|
|
|
$_SESSION['mobile'] = TRUE;
|
|
|
|
$_SESSION['mobile'] = true;
|
|
|
|
exit(json_encode(["status" => "OK"]));
|
|
|
|
exit(json_encode(["status" => "OK"]));
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
exit(json_encode(["status" => "ERROR", "msg" => lang("no admin permission", false)]));
|
|
|
|
exit(json_encode(["status" => "ERROR", "msg" => lang("no admin permission", false)]));
|
|
|
@ -107,4 +111,4 @@ switch ($VARS['action']) {
|
|
|
|
default:
|
|
|
|
default:
|
|
|
|
http_response_code(404);
|
|
|
|
http_response_code(404);
|
|
|
|
die(json_encode(["status" => "ERROR", "msg" => "The requested action is not available."]));
|
|
|
|
die(json_encode(["status" => "ERROR", "msg" => "The requested action is not available."]));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
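Review bot: The new permission gate in the second hunk, `if (is_null($access_permission) || account_has_permission($VARS['username'], $access_permission)) {`, fails open: `is_null()` is also true for an undefined variable, so if `$access_permission` is ever unset or reassigned to null, any account that passes `authenticate_user()` is logged in without a permission check. The variable is assigned before the two `require` lines in the first hunk, and included files share that scope; whether `required.php` or `lib/login.php` touch it is not visible here, so I would move the assignment below the requires or make it a constant, e.g. `const ACCESS_PERMISSION = "ADMIN";`. The comment should also state what null means in practice, e.g. `// Set to null to skip the permission check: every account with status NORMAL can then log in.` The error branch still returns `lang("no admin permission", false)`, which becomes misleading once the required permission is something other than ADMIN.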