closes chriskacerguis#332

Author: Chris Kacerguis

application/libraries/REST_Controller.php

@@ -1257,12 +1257,16 @@ protected function _perform_library_auth($username = '', $password = null)
      * @param  string  $password The user's password
      * @return boolean
      */
-    protected function _check_login($username = '', $password = null)
+    protected function _check_login($username = '', $password = false)
     {
         if (empty($username)) {
             return false;
         }
 
+        if ($password === false) {
+            return false;
+        }
+
         $auth_source = strtolower($this->config->item('auth_source'));
 
         if ($auth_source == 'ldap') {
@@ -1279,12 +1283,11 @@ protected function _check_login($username = '', $password = null)
 
         $valid_logins = $this->config->item('rest_valid_logins');
 
-        if ( ! array_key_exists($username, $valid_logins)) {
+        if (!array_key_exists($username, $valid_logins)) {
             return false;
         }
 
-        // If actually null (not empty string) then do not check it
-        if ($password === null and $valid_logins[$username] != $password) {
+        if ($valid_logins[$username] != $password) {
             return false;
         }