From 77bc16f52520efe50ea0664b11f235897239a482 Mon Sep 17 00:00:00 2001
From: Karl 'vollmerk' Vollmer <vollmer@ampache.org>
Date: Tue, 18 Dec 2007 15:16:02 +0000
Subject: fixed dbl negative on xml api and enabled the timestamp check as well
 as fixed a typo in the config file

---
 lib/class/api.class.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'lib/class')

diff --git a/lib/class/api.class.php b/lib/class/api.class.php
index 40cff61f..c7391837 100644
--- a/lib/class/api.class.php
+++ b/lib/class/api.class.php
@@ -48,12 +48,13 @@ class Api {
 	public static function handshake($timestamp,$passphrase,$ip,$username='') { 
 
 		// If the timestamp is over 2hr old sucks to be them
-//		if ($timestamp < (time() - 7200)) { 
-//			return 'Timestamp too old, try again'; 
-//		} 
+		if ($timestamp < (time() - 14400)) { 
+			debug_event('API','Login Failed, timestamp too old','1'); 
+			return false; 
+		} 
 
 		// First we'll filter by username and IP 
-		if (!$username) { 
+		if (!trim($username)) { 
 			$user_id = '-1'; 
 		} 
 		else { 
-- 
cgit