An empty user id does not have children

[friendica.git] / src / Security / FKOAuth1.php

diff --git a/src/Security/FKOAuth1.php b/src/Security/FKOAuth1.php
index 1c9a38e2efe83bc07dac0d7b411a6cecbfd87eea..0cd10af7aec305800f25228b12e6bdf064435023 100644 (file)
--- a/src/Security/FKOAuth1.php
+++ b/src/Security/FKOAuth1.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2021, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -25,8 +25,8 @@ use Friendica\Core\Logger;
 use Friendica\Database\DBA;
 use Friendica\DI;
 use Friendica\Security\OAuth1\OAuthServer;
-use Friendica\Security\OAuth1\OAuthSignatureMethod_HMAC_SHA1;
-use Friendica\Security\OAuth1\OAuthSignatureMethod_PLAINTEXT;
+use Friendica\Security\OAuth1\Signature\OAuthSignatureMethod_HMAC_SHA1;
+use Friendica\Security\OAuth1\Signature\OAuthSignatureMethod_PLAINTEXT;
 
 /**
  * OAuth protocol
@@ -55,7 +55,7 @@ class FKOAuth1 extends OAuthServer
                $a = DI::app();
                $record = DBA::selectFirst('user', [], ['uid' => $uid, 'blocked' => 0, 'account_expired' => 0, 'account_removed' => 0, 'verified' => 1]);
 
-               if (!DBA::isResult($record)) {
+               if (!DBA::isResult($record) || empty($uid)) {
                        Logger::info('FKOAuth1::loginUser failure', ['server' => $_SERVER]);
                        header('HTTP/1.0 401 Unauthorized');
                        die('This api requires login');