/**
* @param string $email
* @param string $password
* @return bool
* @access public
*/
public function isValidLogin($email, $password)
{
if (!Auth::isCorrectPassword($email, $password) && !APIAuthToken::isTokenValidForEmail($password, $email)) {
$is_valid = false;
} else {
$is_valid = true;
}
return $is_valid;
}
/**
* NOTE: this needs to be public for PHP 5.3 compatibility
*
* @param ReflectionMethod $method
* @param array $params Method parameters in already decoded into PHP types
* @param bool $public true if method should not be protected with login/password
* @param array $pdesc Parameter descriptions
* @return string
*/
public function handle($method, $params, $public, $pdesc)
{
// there's method to set this via $client->setAutoBase64(true);
// but nothing at server side. where we actually need it
$GLOBALS['XML_RPC_auto_base64'] = true;
try {
if (!$public) {
list($email, $password) = $this->getAuthParams($params);
if (!Auth::isCorrectPassword($email, $password) && !APIAuthToken::isTokenValidForEmail($password, $email)) {
// FIXME: role is not checked here
throw new RemoteApiException("Authentication failed for {$email}. Your login/password/api key is invalid or you do not have the proper role.");
}
AuthCookie::setAuthCookie($email);
}
if ($pdesc) {
$this->decodeParams($params, $pdesc);
}
$res = $method->invokeArgs($this->api, $params);
} catch (Exception $e) {
global $XML_RPC_erruser;
$code = $e->getCode() ?: 1;
$res = new XML_RPC_Response(0, $XML_RPC_erruser + $code, $e->getMessage());
}
if (!$res instanceof XML_RPC_Response) {
$res = new XML_RPC_Response(XML_RPC_Encode($res));
}
return $res;
}
