Small improvement to the API (#1372)

This PR returns error codes via API when passing incorrect data or failed authentication.

Co-authored-by: Daniel <alexis@pop-os.localdomain>
Co-authored-by: Raphael Schneeberger <rs@scit.ch>
Co-authored-by: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>

web/api/index.php

@@ -11,6 +11,10 @@ if (isset($_POST['user']) || isset($_POST['hash'])) {
         }
 
         $password = $_POST['password'];
+        if (!isset($password)){
+            echo 'Error: missing authentication';
+            exit;
+        }
         $v_ip = escapeshellarg($_SERVER['REMOTE_ADDR']);
         $output = '';
         exec (HESTIA_CMD."v-get-user-salt admin ".$v_ip." json" , $output, $return_var);
@@ -59,15 +63,11 @@ if (isset($_POST['user']) || isset($_POST['hash'])) {
                 exit;
             }
         } else {
-            $return_var = 1;
+            echo 'Error: authentication failed';
+            exit;
         }
     }
 
-    if ( $return_var > 0 ) {
-        echo 'Error: authentication failed';
-        exit;
-    }
-
     // Prepare arguments
     if (isset($_POST['cmd'])) $cmd = escapeshellarg($_POST['cmd']);
     if (isset($_POST['arg1'])) $arg1 = escapeshellarg($_POST['arg1']);
@@ -122,4 +122,7 @@ if (isset($_POST['user']) || isset($_POST['hash'])) {
             echo implode("\n",$output)."\n";
         }
     }
+} else {
+    echo "Error: data received is null or invalid, check https://docs.hestiacp.com/admin_docs/rest_api.html";
+    exit;
 }