From 3affb2e8172b4cc673aafe9551c21dad6f606d87 Mon Sep 17 00:00:00 2001
From: redmatrix <git@macgirvin.com>
Date: Wed, 20 Jul 2016 17:55:40 -0700
Subject: sort out some of the authentication mess - with luck this may fix the
 DAV auth issue which I simply could not duplicate or find a reason for.

---
 include/api_auth.php | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

(limited to 'include/api_auth.php')

diff --git a/include/api_auth.php b/include/api_auth.php
index dc8492b20..7a71bad73 100644
--- a/include/api_auth.php
+++ b/include/api_auth.php
@@ -59,20 +59,12 @@ function api_login(&$a){
 	if(isset($_SERVER['PHP_AUTH_USER'])) {
 		$channel_login = 0;
 		$record = account_verify_password($_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW']);
-		if(! $record) {
-	        $r = q("select * from channel left join account on account.account_id = channel.channel_account_id 
-				where channel.channel_address = '%s' limit 1",
-		       dbesc($_SERVER['PHP_AUTH_USER'])
-			);
-        	if ($r) {
-				$record = account_verify_password($r[0]['account_email'],$_SERVER['PHP_AUTH_PW']);
-				if($record)
-					$channel_login = $r[0]['channel_id'];
-			}
+		if($record && $record['channel']) {
+			$channel_login = $record['channel']['channel_id'];
 		}
 	}
 
-	if($record) {
+	if($record['account']) {
 		authenticate_success($record);
 
 		if($channel_login)
-- 
cgit v1.2.3