From: Coleman Watts Date: Sat, 1 Aug 2015 14:32:32 +0000 (-0400) Subject: CRM_Utils_REST cleanup X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=650ff6351383992ec77abface9b7f121f16ae07e;p=civicrm-core.git CRM_Utils_REST cleanup --- diff --git a/CRM/Utils/REST.php b/CRM/Utils/REST.php index 011c2bd6e1..4bac9b7db5 100644 --- a/CRM/Utils/REST.php +++ b/CRM/Utils/REST.php @@ -309,7 +309,7 @@ class CRM_Utils_REST { } } else { - // or the new format (entity+action) + // or the api format (entity+action) $args = array(); $args[0] = 'civicrm'; $args[1] = CRM_Utils_array::value('entity', $requestParams); @@ -329,10 +329,7 @@ class CRM_Utils_REST { } // At this point we know we are not calling ping which does not require authentication. - // Therefore, at this point we need to make sure we're working with a trusted user. - // Valid users are those who provide a valid server key and API key - - $valid_user = FALSE; + // Therefore we now need a valid server key and API key // Check and see if a valid secret API key is provided. $api_key = CRM_Utils_Request::retrieve('api_key', 'String', $store, FALSE, NULL, 'REQUEST'); @@ -535,7 +532,7 @@ class CRM_Utils_REST { $requestParams = CRM_Utils_Request::exportValues(); require_once 'api/v3/utils.php'; - // Why is $config undefined -- $config = CRM_Core_Config::singleton(); + $config = CRM_Core_Config::singleton(); if (!$config->debug && (!array_key_exists('HTTP_X_REQUESTED_WITH', $_SERVER) || $_SERVER['HTTP_X_REQUESTED_WITH'] != "XMLHttpRequest" )