From b1841a14eacbb062973886da67bd4929e97844ed Mon Sep 17 00:00:00 2001 From: bohwaz Date: Fri, 7 Jun 2024 00:21:27 +0200 Subject: [PATCH] Try to fix issue #38 again --- server/inc/API.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/server/inc/API.php b/server/inc/API.php index ecfcf68..3a397f9 100644 --- a/server/inc/API.php +++ b/server/inc/API.php @@ -186,20 +186,20 @@ public function requireAuth(?string $username = null): void return; } - if (empty($_COOKIE['sessionid']) && isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { + if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { $this->login(); $this->user = $_SESSION['user']; return; } if (empty($_COOKIE['sessionid'])) { - $this->error(401, 'session cookie is required' . print_r([$_POST, $_SERVER], true)); + $this->error(401, 'session cookie is required'); } @session_start(); if (empty($_SESSION['user'])) { - $this->error(401, 'Invalid sessionid cookie'); + $this->error(401, 'Expired sessionid cookie, and no Authorization header was provided'); } if (!$this->db->firstColumn('SELECT 1 FROM users WHERE id = ?;', $_SESSION['user']->id)) {