Replace the old session cleanup daemon with a new script to be run from

[rails.git] / app / controllers / amf_controller.rb

diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb
index 47f8f24584375699bfd19713eed40c92458b0887..8db813b38602e1c5348de7a20017f7851909c902 100644 (file)
--- a/app/controllers/amf_controller.rb
+++ b/app/controllers/amf_controller.rb
@@ -1,6 +1,7 @@
 class AmfController < ApplicationController
   require 'stringio'
 
+  session :off
   before_filter :check_availability
 
   # to log:
@@ -735,12 +736,13 @@ def array2tag(a)
 end
 
 def getuserid(token)
-  token=sqlescape(token)
-  if (token=~/^(.+)\+(.+)$/) then
-    return ActiveRecord::Base.connection.select_value("SELECT id FROM users WHERE active=1 AND email='#{$1}' AND pass_crypt=MD5('#{$2}')")
+  if (token =~ /^(.+)\+(.+)$/) then
+    user = User.authenticate(:username => $1, :password => $2)
   else
-    return ActiveRecord::Base.connection.select_value("SELECT id FROM users WHERE active=1 AND token='#{token}'")
+    user = User.authenticate(:token => token)
   end
+
+  return user ? user.id : nil;
 end