added text how to open phpfspot in the browser

[phpfspot.git] / phpfspot.class.php

diff --git a/phpfspot.class.php b/phpfspot.class.php
index 3d707a82fb7137142608091c9a4a627fbc914f29..b82fbeef01d5333f4d2477591c1a6e6f257ab4d5 100644 (file)
--- a/phpfspot.class.php
+++ b/phpfspot.class.php
@@ -112,21 +112,21 @@ class PHPFSPOT {
       switch($_GET['mode']) {
          case 'showpi':
             if(isset($_GET['tags'])) {
-               $_SESSION['selected_tags'] = split(',', $_GET['tags']);
+               $_SESSION['selected_tags'] = $this->extractTags($_GET['tags']);
             }
             if(isset($_GET['from_date']) && $this->isValidDate($_GET['from_date'])) {
-               $_SESSION['from_date'] = strtotime($_GET['from_date']);
+               $_SESSION['from_date'] = strtotime($_GET['from_date'] ." 00:00:00");
             }
             if(isset($_GET['to_date']) && $this->isValidDate($_GET['to_date'])) {
-               $_SESSION['to_date'] = strtotime($_GET['to_date']);
+               $_SESSION['to_date'] = strtotime($_GET['to_date'] ." 23:59:59");
             }
             break;
          case 'showp':
             if(isset($_GET['tags'])) {
-               $_SESSION['selected_tags'] = split(',', $_GET['tags']);
+               $_SESSION['selected_tags'] = $this->extractTags($_GET['tags']);
                $_SESSION['start_action'] = 'showp';
             }
-            if(isset($_GET['id'])) {
+            if(isset($_GET['id']) && is_numeric($_GET['id'])) {
                $_SESSION['current_photo'] = $_GET['id'];
                $_SESSION['start_action'] = 'showp';
             }
@@ -156,7 +156,6 @@ class PHPFSPOT {
       $this->tmpl->assign('content_page', 'welcome.tpl');
       $this->tmpl->show("index.tpl");
 
-
    } // show()
 
    /**
@@ -1443,9 +1442,9 @@ class PHPFSPOT {
     */
    private function get_calendar($mode)
    {
-      $year = $_SESSION[$mode .'_date'] ? date("Y", strtotime($_SESSION[$mode .'_date'])) : date("Y");
-      $month = $_SESSION[$mode .'_date'] ? date("m", strtotime($_SESSION[$mode .'_date'])) : date("m");
-      $day = $_SESSION[$mode .'_date'] ? date("d", strtotime($_SESSION[$mode .'_date'])) : date("d");
+      $year = $_SESSION[$mode .'_date'] ? date("Y", $_SESSION[$mode .'_date']) : date("Y");
+      $month = $_SESSION[$mode .'_date'] ? date("m", $_SESSION[$mode .'_date']) : date("m");
+      $day = $_SESSION[$mode .'_date'] ? date("d", $_SESSION[$mode .'_date']) : date("d");
 
       $output = "<input type=\"text\" size=\"3\" id=\"". $mode ."year\" value=\"". $year ."\"";
       if(!isset($_SESSION[$mode .'_date'])) $output.= " disabled=\"disabled\"";
@@ -1624,9 +1623,8 @@ class PHPFSPOT {
       if(isset($_SESSION['current_photo']) && $_SESSION['start_action'] == 'showp') {
          return "show_photo";
       }
-      elseif((isset($_SESSION['selected_tags']) && !empty($_SESSION['selected_tags'])) ||
-         (isset($_SESSION['from_date']) && isset($_SESSION['to_date']))) {
-         return "showpi";
+      elseif(isset($_SESSION['selected_tags']) && !empty($_SESSION['selected_tags'])) {
+         return "showpi_tags";
       }
       elseif(isset($_SESSION['start_action']) && $_SESSION['start_action'] == 'showpi') {
          return "showpi";
@@ -1796,6 +1794,20 @@ class PHPFSPOT {
       return strftime("%Y-%m-%d", $timestamp);
    } // ts2str()
 
+   private function extractTags($tags_str)
+   {
+      $not_validated = split(',', $_GET['tags']);
+      $validated = array();
+
+      foreach($not_validated as $tag) {
+         if(is_numeric($tag))
+            array_push($validated, $tag);
+      }
+   
+      return $validated;
+   
+   } // extractTags()
+
 }
 
 ?>