lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Code comment

Browse Source
This commit is contained in:
Laurent Destailleur 2017-06-25 12:26:16 +02:00
parent 78ebffe4f1
commit 8bfda8d4ee
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
htdocs/api/class/api_access.class.php
View File

@ -80,25 +80,25 @@ class DolibarrApiAccess implements iAuthenticate
{ {
dol_syslog($key.' - '.$val); dol_syslog($key.' - '.$val);
}*/ }*/
// api key can be provided in url with parameter api_key=xxx or ni header with header DOLAPIKEY:xxx // api key can be provided in url with parameter api_key=xxx or ni header with header DOLAPIKEY:xxx
$api_key = ''; $api_key = '';
if (isset($_GET['api_key'])) if (isset($_GET['api_key']))
{ {
// TODO Add option to disable use of api key on url. Return errors if used. // TODO Add option to disable use of api key on url. Return errors if used.
$api_key = $_GET['api_key']; // For backward compatibility $api_key = $_GET['api_key']; // For backward compatibility
} }
if (isset($_GET['DOLAPIKEY'])) if (isset($_GET['DOLAPIKEY']))
{ {
// TODO Add option to disable use of api key on url. Return errors if used. // TODO Add option to disable use of api key on url. Return errors if used.
$api_key = $_GET['DOLAPIKEY']; // With GET method $api_key = $_GET['DOLAPIKEY']; // With GET method
} }
if (isset($_SERVER['HTTP_DOLAPIKEY'])) if (isset($_SERVER['HTTP_DOLAPIKEY'])) // Param DOLAPIKEY in header can be read with HTTP_DOLAPIKEY
{ {
$api_key = $_SERVER['HTTP_DOLAPIKEY']; // With header method (recommanded) $api_key = $_SERVER['HTTP_DOLAPIKEY']; // With header method (recommanded)
} }
if ($api_key) if ($api_key)
{ {
$sql = "SELECT u.login, u.datec, u.api_key, "; $sql = "SELECT u.login, u.datec, u.api_key, ";
$sql.= " u.tms as date_modification, u.entity"; $sql.= " u.tms as date_modification, u.entity";