From 3bb7e191bb9e61e63009462519773fb2002a307c Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@bah.org.ru>
Date: Wed, 16 Dec 2009 16:40:15 +0300
Subject: [PATCH] api: allow session id overriding

---
 api/index.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/api/index.php b/api/index.php
index 1b263daa1..6126c3628 100644
--- a/api/index.php
+++ b/api/index.php
@@ -12,6 +12,12 @@
 	$session_expire = SESSION_EXPIRE_TIME; //seconds
 	$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid_api" : TTRSS_SESSION_NAME . "_api";
 
+	session_name($session_name);
+
+	if ($_REQUEST["sid"]) {
+		session_id($_REQUEST["sid"]);
+	}
+
 	session_start();
 
 	if (!$link) {
@@ -57,7 +63,7 @@
 
 			if (get_pref($link, "ENABLE_API_ACCESS", $uid)) {
 				if (authenticate_user($link, $login, $password)) {
-					print json_encode(array("uid" => $_SESSION["uid"]));
+					print json_encode(array("session_id" => session_id()));
 				} else {
 					print json_encode(array("error" => "LOGIN_ERROR"));
 				}
@@ -68,7 +74,7 @@
 			break;
 		case "logout":
 			logout_user();
-			print json_encode(array("uid" => 0));
+			print json_encode(array("status" => "OK"));
 			break;
 		case "isLoggedIn":
 			print json_encode(array("status" => $_SESSION["uid"] != ''));
-- 
GitLab