X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/57aeccccc8d23adceac028616b7877ae6c4e0c87..0a8c26e596b40da6d428a5c91db0d815d13c89e4:/app/controllers/amf_controller.rb

diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb
index 47f8f2458..8db813b38 100644
--- a/app/controllers/amf_controller.rb
+++ b/app/controllers/amf_controller.rb
@@ -1,6 +1,7 @@
 class AmfController < ApplicationController
   require 'stringio'
 
+  session :off
   before_filter :check_availability
 
   # to log:
@@ -735,12 +736,13 @@ def array2tag(a)
 end
 
 def getuserid(token)
-  token=sqlescape(token)
-  if (token=~/^(.+)\+(.+)$/) then
-    return ActiveRecord::Base.connection.select_value("SELECT id FROM users WHERE active=1 AND email='#{$1}' AND pass_crypt=MD5('#{$2}')")
+  if (token =~ /^(.+)\+(.+)$/) then
+    user = User.authenticate(:username => $1, :password => $2)
   else
-    return ActiveRecord::Base.connection.select_value("SELECT id FROM users WHERE active=1 AND token='#{token}'")
+    user = User.authenticate(:token => token)
   end
+
+  return user ? user.id : nil;
 end