mirror of
https://github.com/itflow-org/itflow
synced 2026-02-28 02:44:53 +00:00
Updated new API Validation with api-keys table and added some additonal log fields
This commit is contained in:
2
api.php
2
api.php
@@ -14,7 +14,7 @@ if(!isset($_GET['api_key']) OR empty($_GET['api_key'])) {
|
||||
|
||||
// Validate API key from GET request
|
||||
$api_key = mysqli_real_escape_string($mysqli,$_GET['api_key']);
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM api_keys, companies WHERE api_keys.company_id = companies.company_id AND api_keys.api_key_secret = '$api_key' AND api_key_expire > NOW()");
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM api_keys, companies WHERE api_keys.company_id = companies.company_id AND api_key_secret = '$api_key' AND api_key_expire > NOW()");
|
||||
if(mysqli_num_rows($sql) != 1){
|
||||
// Invalid Key
|
||||
header("HTTP/1.1 401 Unauthorized");
|
||||
|
||||
Reference in New Issue
Block a user