API on remote server requires RELAY not be none. Log an error. Fix url being ruined by auth credentials

2020-02-25 17:12:48 -05:00 · 2020-02-25 17:12:48 -05:00 · 8fcd5b37ed
parent 7787ba1040
commit 8fcd5b37ed
2 changed files with 20 additions and 16 deletions
--- a/web/includes/Event.php
+++ b/web/includes/Event.php
@ -511,11 +511,12 @@ class Event extends ZM_Object {
      if ( ZM_OPT_USE_AUTH ) {
        if ( ZM_AUTH_RELAY == 'hashed' ) {
          $url .= '?auth='.generateAuthHash( ZM_AUTH_HASH_IPS );
-        } elseif ( ZM_AUTH_RELAY == 'plain' ) {
-          $url = '?user='.$_SESSION['username'];
-          $url = '?pass='.$_SESSION['password'];
-        } elseif ( ZM_AUTH_RELAY == 'none' ) {
-          $url = '?user='.$_SESSION['username'];
+        } else if ( ZM_AUTH_RELAY == 'plain' ) {
+          $url .= '?user='.$_SESSION['username'];
+          $url .= '?pass='.$_SESSION['password'];
+        } else {
+          Error('Multi-Server requires AUTH_RELAY be either HASH or PLAIN');
+          return;
        }
      }
      Logger::Debug("sending command to $url");
@ -557,12 +558,13 @@ class Event extends ZM_Object {
      $url = $Server->UrlToApi() . '/events/'.$this->{'Id'}.'.json';
      if ( ZM_OPT_USE_AUTH ) {
        if ( ZM_AUTH_RELAY == 'hashed' ) {
-          $url .= '?auth='.generateAuthHash( ZM_AUTH_HASH_IPS );
+          $url .= '?auth='.generateAuthHash(ZM_AUTH_HASH_IPS);
        } elseif ( ZM_AUTH_RELAY == 'plain' ) {
-          $url = '?user='.$_SESSION['username'];
-          $url = '?pass='.$_SESSION['password'];
-        } elseif ( ZM_AUTH_RELAY == 'none' ) {
-          $url = '?user='.$_SESSION['username'];
+          $url .= '?user='.$_SESSION['username'];
+          $url .= '?pass='.$_SESSION['password'];
+        } else {
+          Error('Multi-Server requires AUTH_RELAY be either HASH or PLAIN');
+          return;
        }
      }
      Logger::Debug("sending command to $url");
--- a/web/includes/Monitor.php
+++ b/web/includes/Monitor.php
@ -285,11 +285,12 @@ class Monitor extends ZM_Object {
      if ( ZM_OPT_USE_AUTH ) {
        if ( ZM_AUTH_RELAY == 'hashed' ) {
          $url .= '?auth='.generateAuthHash(ZM_AUTH_HASH_IPS);
-        } elseif ( ZM_AUTH_RELAY == 'plain' ) {
+        } else if ( ZM_AUTH_RELAY == 'plain' ) {
          $url .= '?user='.$_SESSION['username'];
          $url .= '?pass='.$_SESSION['password'];
-        } elseif ( ZM_AUTH_RELAY == 'none' ) {
-          $url .= '?user='.$_SESSION['username'];
+        } else {
+          Error('Multi-Server requires AUTH_RELAY be either HASH or PLAIN');
+          return;
        }
      }
      Logger::Debug("sending command to $url");
@ -343,11 +344,12 @@ class Monitor extends ZM_Object {
      if ( ZM_OPT_USE_AUTH ) {
        if ( ZM_AUTH_RELAY == 'hashed' ) {
          $url .= '?auth='.generateAuthHash(ZM_AUTH_HASH_IPS);
-        } elseif ( ZM_AUTH_RELAY == 'plain' ) {
+        } else if ( ZM_AUTH_RELAY == 'plain' ) {
          $url .= '?user='.$_SESSION['username'];
          $url .= '?pass='.$_SESSION['password'];
-        } elseif ( ZM_AUTH_RELAY == 'none' ) {
-          $url .= '?user='.$_SESSION['username'];
+        } else {
+          Error('Multi-Server requires AUTH_RELAY be either HASH or PLAIN');
+          return;
        }
      }
      Logger::Debug("sending command to $url");