X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=phpfspot.git;a=blobdiff_plain;f=rpc.php;h=4bb297331abbad7bff7d38a9e2c66704f8788743;hp=2e3045923c6c0052fdfb476165355e2732b2ee31;hb=1b98418fc7f31d2d10364a60bc798ee85ef7add1;hpb=6e2d319e3b4fb0aac55413bbcc121669a19e3720 diff --git a/rpc.php b/rpc.php index 2e30459..4bb2973 100644 --- a/rpc.php +++ b/rpc.php @@ -31,7 +31,7 @@ class PHPFSPOT_RPC { } // __construct() - function process_ajax_request() + public function process_ajax_request() { require_once 'HTML/AJAX/Server.php'; @@ -40,71 +40,84 @@ class PHPFSPOT_RPC { $fspot = new PHPFSPOT(); - switch($_GET['action']) { - case 'showphoto': + /* if no action is specified, no need to further process this + * function here. + */ + if(!isset($_GET['action']) && !isset($_POST['action'])) + return; + + if(isset($_GET['action'])) + $action = $_GET['action']; + if(isset($_POST['action'])) + $action = $_POST['action']; - $fspot->showPhoto($_GET['id']); + switch($action) { + case 'showphoto': + if(isset($_GET['id']) && is_numeric($_GET['id'])) { + $fspot->showPhoto($_GET['id']); + } break; case 'show_available_tags': - - $fspot->getAvailableTags(); + print $fspot->getAvailableTags(); break; case 'show_selected_tags': - - $fspot->getSelectedTags(); + print $fspot->getSelectedTags(); break; case 'addtag': - - $fspot->addTag($_GET['id']); + if(isset($_POST['id']) && is_numeric($_POST['id'])) { + print $fspot->addTag($_POST['id']); + } break; case 'deltag': - - $fspot->delTag($_GET['id']); + if(isset($_POST['id']) && is_numeric($_POST['id'])) { + print $fspot->delTag($_POST['id']); + } break; case 'reset': - $fspot->resetTagSearch(); + $fspot->resetNameSearch(); $fspot->resetTags(); $fspot->resetDateSearch(); $fspot->resetPhotoView(); break; case 'tagcondition': - - $fspot->setTagCondition($_GET['mode']); + if(isset($_POST['mode']) && in_array($_POST['mode'], Array('or', 'and'))) { + print $fspot->setTagCondition($_POST['mode']); + } break; case 'show_photo_index': - - $_SESSION['begin_with'] = $_GET['begin_with']; + if(isset($_GET['begin_with']) && is_numeric($_GET['begin_with'])) { + $_SESSION['begin_with'] = $_GET['begin_with']; + } + else { + unset($_SESSION['begin_with']); + } $fspot->showPhotoIndex(); break; case 'showcredits': - $fspot->showCredits(); break; - case 'tag_search': - - $fspot->resetDateSearch(); - $fspot->startTagSearch($_GET['for']); + case 'search': + print $fspot->startSearch($_GET['for']); break; - case 'date_search': - - $fspot->resetTagSearch(); - $fspot->resetTags(); - $fspot->startDateSearch($_GET['from'], $_GET['to']); + case 'update_sort_order': + if(isset($_POST['value']) && is_string($_POST['value'])) { + print $fspot->updateSortOrder($_POST['value']); + } break; case 'get_export': - + /* $_GET['mode'] will be validated by getExport() */ $fspot->getExport($_GET['mode']); break; @@ -113,18 +126,34 @@ class PHPFSPOT_RPC { break; case 'get_calendar_matrix': - $fspot->get_calendar_matrix($_GET['year'], $_GET['month'], $_GET['day']); + if((is_numeric($_GET['year']) || !isset($_GET['year'])) && + (is_numeric($_GET['month']) || !isset($_GET['month'])) && + (is_numeric($_GET['day']) || !isset($_GET['day']))) { + $fspot->get_calendar_matrix($_GET['year'], $_GET['month'], $_GET['day']); + } break; case 'what_to_do': print $fspot->whatToDo(); break; + case 'reset_slideshow': + print $fspot->resetSlideShow(); + break; + + case 'get_next_slideshow_img': + print $fspot->getNextSlideShowImage(); + break; + + case 'get_prev_slideshow_img': + print $fspot->getPrevSlideShowImage(); + break; + } } // process_ajax_request(); -} +} // class PHPFSPOT_RPC $rpc = new PHPFSPOT_RPC(); $rpc->process_ajax_request();