From: Zach Copley <zach@status.net>
Date: Fri, 26 Mar 2010 18:51:01 +0000 (+0000)
Subject: Return an http auth error, when a client sends in an invalid auth user, even when... 
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=379df1ce3e7fa38b2e9ed8324d9ed43bbb4a5219;p=quix0rs-gnu-social.git

Return an http auth error, when a client sends in an invalid auth user, even when http auth is not required.
---

diff --git a/lib/apiauth.php b/lib/apiauth.php
index 17f803a1ca..e78de618ee 100644
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -267,7 +267,7 @@ class ApiAuthAction extends ApiAction
 
             $this->access = self::READ_WRITE;
 
-            if (empty($this->auth_user) && $required) {
+            if (empty($this->auth_user) && ($required || isset($_SERVER['PHP_AUTH_USER']))) {
 
                 // basic authentication failed