issue84, do not further process RPC request, if no action has been specified

[phpfspot.git] / rpc.php

diff --git a/rpc.php b/rpc.php
index d0a6c1c9e088ea68c96153a30705fee9af1371a8..4a8ca7c0e6a5f2af35dabed57d3f976e5bbd6b36 100644 (file)
--- a/rpc.php
+++ b/rpc.php
@@ -40,6 +40,12 @@ class PHPFSPOT_RPC {
 
       $fspot = new PHPFSPOT();
 
+      /* if no action is specified, no need to further process this
+       * function here.
+       */
+      if(!isset($_GET['action']))
+         return;
+
       switch($_GET['action']) {
          case 'showphoto':
             if(isset($_GET['id']) && is_numeric($_GET['id'])) {
@@ -95,10 +101,18 @@ class PHPFSPOT_RPC {
             break;
 
          case 'search':
-            $fspot->startSearch($_GET['for'], $_GET['from'], $_GET['to'], $_GET['sort_order']);
+               $fspot->startSearch($_GET['for'], $_GET['sort_order'], $_GET['from'], $_GET['to']);
+            
+            if((isset($_GET['from']) && $fspot->isValidDate($_GET['from'])) &&
+               (isset($_GET['to']) && $fspot->isValidDate($_GET['to']))) {
+            }
+            else {
+               $fspot->startSearch($_GET['for'], $_GET['sort_order']);
+            }
             break;
 
          case 'get_export':
+            /* $_GET['mode'] will be validated by getExport() */
             $fspot->getExport($_GET['mode']);
             break;
 
@@ -134,7 +148,7 @@ class PHPFSPOT_RPC {
 
    } // process_ajax_request();
 
-}
+} // class PHPFSPOT_RPC
 
 $rpc = new PHPFSPOT_RPC();
 $rpc->process_ajax_request();