|
|
|
@ -8,10 +8,6 @@
|
|
|
|
|
* Mobile app API
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
// The name of the permission needed to log in.
|
|
|
|
|
// Set to null if you don't need it.
|
|
|
|
|
$access_permission = null;
|
|
|
|
|
|
|
|
|
|
require __DIR__ . "/../required.php";
|
|
|
|
|
|
|
|
|
|
header('Content-Type: application/json');
|
|
|
|
@ -70,13 +66,14 @@ switch ($VARS['action']) {
|
|
|
|
|
if ($user->exists()) {
|
|
|
|
|
if ($user->getStatus()->getString() == "NORMAL") {
|
|
|
|
|
if ($user->checkPassword($VARS['password'])) {
|
|
|
|
|
if (is_null($access_permission) || $user->hasPermission($access_permission)) {
|
|
|
|
|
Session::start($user);
|
|
|
|
|
$_SESSION['mobile'] = true;
|
|
|
|
|
exit(json_encode(["status" => "OK"]));
|
|
|
|
|
} else {
|
|
|
|
|
exit(json_encode(["status" => "ERROR", "msg" => $Strings->get("no admin permission", false)]));
|
|
|
|
|
foreach ($SETTINGS['permissions'] as $perm) {
|
|
|
|
|
if (!$user->hasPermission($perm)) {
|
|
|
|
|
exit(json_encode(["status" => "ERROR", "msg" => $Strings->get("no permission", false)]));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
Session::start($user);
|
|
|
|
|
$_SESSION['mobile'] = true;
|
|
|
|
|
exit(json_encode(["status" => "OK"]));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|