X-Git-Url: https://dev.renevier.net/gitweb.cgi?p=syp.git;a=blobdiff_plain;f=api.php;h=2dbfac4857a88e258513b114b3dcdb262ad770a3;hp=fda62ff32389e1a630759a43e5d3643b9b44d29e;hb=19730f2e2bbf61f389882c646f58349df3bcd848;hpb=939514b912738c5784b04a0d207db1afd918eb69

diff --git a/api.php b/api.php
index fda62ff..2dbfac4 100644
--- a/api.php
+++ b/api.php
@@ -3,7 +3,8 @@
    license. */
 
 function exit_document ($body) {
-    exit ("<html><head></head><body>$body</body></html>");
+    $charset_meta = '<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">';
+    exit ("<html>$charset_meta<head></head><body>$body</body></html>");
 }
 
 function success ($reason) {
@@ -192,8 +193,14 @@ function setcookies ($user, $pwd) {
     // cookie will be valid for 2 weeks. I've chosen that value
     // arbitrarily, and it may change in the future.
     $time = time () + 14 * 60 * 24 * 60;
-    setcookie (sprintf ("%sauth", DBPREFIX), md5 ($pwd), $time, "" , "", false, true);
-    setcookie (sprintf ("%suser", DBPREFIX), $user, $time, "" , "", false, true);
+    if (version_compare (PHP_VERSION, '5.2.0', '>=')) {
+        setcookie (sprintf ("%sauth", DBPREFIX), md5 ($pwd), $time, "" , "", false, true);
+        setcookie (sprintf ("%suser", DBPREFIX), $user, $time, "" , "", false, true);
+    } else {
+        setcookie (sprintf ("%sauth", DBPREFIX), md5 ($pwd), $time, "" , "", false);
+        setcookie (sprintf ("%suser", DBPREFIX), $user, $time, "" , "", false);
+    }
+
 }
 
 function check_auth ($con, $user, $pwd, $auth_only) {
@@ -239,7 +246,7 @@ function main ($con) {
             if (!isset ($feature)) {
                 error_unreferenced ($id);
             }
-            if ($feature->user != $user) {
+            if (($feature->user != $user) && ($user != "admin")) {
                 error_unauthorized ();
             }
 
@@ -337,6 +344,9 @@ function main ($con) {
             try {
                 $con->setpwd ($user, $newpass);
             } catch (Exception $e) {
+                if ($e->getMessage () == anydbConnection::err_query) {
+                    error_request ();
+                }
                 error_server ();
             }
             setcookies ($user, $newpass);
@@ -357,6 +367,9 @@ function main ($con) {
             try {
                 $con->setpwd ($newuser_name, $newuser_password);
             } catch (Exception $e) {
+                if ($e->getMessage () == anydbConnection::err_query) {
+                    error_request ();
+                }
                 error_server ();
             }
             success_newuser ($newuser_name);
@@ -372,7 +385,7 @@ function main ($con) {
 if (!@include_once ("./inc/settings.php")) {
     error_server ();
 }
-require_once ("./inc/db/mysql.php");
+require_once ("./inc/db/" . (defined ("DBTYPE")? DBTYPE: "mysql") . ".php");
 require_once ("./inc/utils.php");
 
 try {