Diffstat (limited to 'rpc.php')
-rw-r--r-- | rpc.php | 34 |
1 files changed, 18 insertions, 16 deletions
@@ -42,32 +42,32 @@ class PHPFSPOT_RPC { switch($_GET['action']) { case 'showphoto': - - $fspot->showPhoto($_GET['id']); + if(isset($_GET['id']) && is_numeric($_GET['id'])) { + $fspot->showPhoto($_GET['id']); + } break; case 'show_available_tags': - $fspot->getAvailableTags(); break; case 'show_selected_tags': - $fspot->getSelectedTags(); break; case 'addtag': - - $fspot->addTag($_GET['id']); + if(isset($_GET['id']) && is_numeric($_GET['id'])) { + $fspot->addTag($_GET['id']); + } break; case 'deltag': - - $fspot->delTag($_GET['id']); + if(isset($_GET['id']) && is_numeric($_GET['id'])) { + $fspot->delTag($_GET['id']); + } break; case 'reset': - $fspot->resetTagSearch(); $fspot->resetTags(); $fspot->resetDateSearch(); @@ -75,28 +75,30 @@ class PHPFSPOT_RPC { break; case 'tagcondition': - - $fspot->setTagCondition($_GET['mode']); + if(isset($_GET['mode']) && in_array($_GET['mode'], Array('or', 'and'))) { + $fspot->setTagCondition($_GET['mode']); + } break; case 'show_photo_index': - - $_SESSION['begin_with'] = $_GET['begin_with']; + if(isset($_GET['begin_with']) && is_numeric($_GET['begin_with'])) { + $_SESSION['begin_with'] = $_GET['begin_with']; + } + else { + unset($_SESSION['begin_with']); + } $fspot->showPhotoIndex(); break; case 'showcredits': - $fspot->showCredits(); break; case 'search': - $fspot->startSearch($_GET['for'], $_GET['from'], $_GET['to'], $_GET['sort_order']); break; case 'get_export': - $fspot->getExport($_GET['mode']); break; |
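Review bot: `is_numeric()` in the `showphoto`, `addtag` and `deltag` cases accepts more than integer ids: `"1.5"`, `"1e3"`, `"-1"` and values with leading whitespace all pass, and the unmodified request string is still what reaches `$fspot`. The `begin_with` check in the second hunk has the same gap before the value is stored in `$_SESSION`. How the id is used inside `showPhoto()`, `addTag()` and `delTag()` is not visible here, so an integer-only check with a cast at this boundary is the safer contract: `if(isset($_GET['id']) && is_string($_GET['id']) && ctype_digit($_GET['id'])) { $fspot->showPhoto((int)$_GET['id']); }`. Rejected requests currently fall through to `break` with no response, so it is worth deciding whether an explicit error should be returned or logged.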
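Review bot: The `search` and `get_export` cases at the end of this hunk still pass `$_GET['for']`, `$_GET['from']`, `$_GET['to']`, `$_GET['sort_order']` and `$_GET['mode']` to `$fspot` without the `isset()` and allow-list checks the other cases now get. What `startSearch()` and `getExport()` do with those values is not visible here, so they should either be validated in this switch or carry a comment saying the callee validates them; `sort_order` and the export `mode` look like fixed sets that could use the same `in_array()` allow-list as `tagcondition`. That new `in_array()` call should also pass the strict flag, `in_array($_GET['mode'], Array('or', 'and'), true)`, so the comparison cannot be loosened by type juggling. The enclosing `switch` and class begin outside the hunk.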