diff options
author | rvelices <rv-github@modusoptimus.com> | 2007-02-23 13:18:34 +0000 |
---|---|---|
committer | rvelices <rv-github@modusoptimus.com> | 2007-02-23 13:18:34 +0000 |
commit | cb2408a82c9bc93bef177dc33a8981bc36800839 (patch) | |
tree | 85728267a379dd1b39ac089ab2021f000e6cb668 /include/ws_functions.inc.php | |
parent | 6f03e29735ea395f31d09bbfd15a4e15eaf961e3 (diff) |
Plugins:
- display author and and author url (if present) on plugin admin page
- uniformized versions/authors... for all plugins in svn
- security fix (html escape name, version, uri, author... to avoid javascript injection which could automatically simulate click on Install)
- added confirmation for install/uninstall plugins
Web services:
- web service explorer now caches method details in order to avoid unnecessary web calls
- web service explorer can now send parameters as arrays
- web service explorer uses now prototype.js version 1.5
- small improvements
- added and use function bad_request (sends http status code 400)
git-svn-id: http://piwigo.org/svn/trunk@1852 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include/ws_functions.inc.php')
-rw-r--r-- | include/ws_functions.inc.php | 51 |
1 files changed, 23 insertions, 28 deletions
diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php index 8af08204c..c68d5d195 100644 --- a/include/ws_functions.inc.php +++ b/include/ws_functions.inc.php @@ -269,8 +269,11 @@ function ws_std_get_image_xml_attributes() */ function ws_getVersion($params, &$service) { -// TODO = Version availability is under control of $conf['show_version'] - return PHPWG_VERSION; + global $conf; + if ($conf['show_version']) + return PHPWG_VERSION; + else + return new PwgError(403, 'Forbidden'); } @@ -336,14 +339,15 @@ SELECT id, name, image_order $where_clauses[] = ws_addControls( 'categories.getImages', $params, 'i.' ); $order_by = ws_std_image_sql_order($params, 'i.'); - if (empty($order_by)) - {// TODO check for category order by (image_order) - $order_by = $conf['order_by']; - } - else + if ( empty($order_by) + and count($params['cat_id'])==1 + and isset($cats[ $params['cat_id'][0] ]['image_order']) + ) { - $order_by = 'ORDER BY '.$order_by; + $order_by = $cats[ $params['cat_id'][0] ]['image_order']; } + $order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by; + $query = ' SELECT i.*, GROUP_CONCAT(category_id) cat_ids FROM '.IMAGES_TABLE.' i @@ -499,6 +503,10 @@ ORDER BY global_rank'; */ function ws_images_addComment($params, &$service) { + if (!$service->isPost()) + { + return new PwgError(405, "This method requires HTTP POST"); + } $params['image_id'] = (int)$params['image_id']; $query = ' SELECT DISTINCT image_id @@ -579,7 +587,7 @@ LIMIT 1;'; $image_row = mysql_fetch_assoc(pwg_query($query)); if ($image_row==null) { - return new PwgError(999, "image_id not found"); + return new PwgError(404, "image_id not found"); } $image_row = array_merge( $image_row, ws_std_get_urls($image_row) ); @@ -859,7 +867,7 @@ function ws_session_login($params, &$service) if (!$service->isPost()) { - return new PwgError(400, "This method requires POST"); + return new PwgError(405, "This method requires HTTP POST"); } if (try_log_user($params['username'], $params['password'],false)) { @@ -942,32 +950,19 @@ function ws_tags_getImages($params, &$service) { @include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php'); global $conf; - + // first build all the tag_ids we are interested in - $tag_ids = array(); - $tags = get_available_tags(); + $params['tag_id'] = array_map( 'intval',$params['tag_id'] ); + $tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']); $tags_by_id = array(); - for( $i=0; $i<count($tags); $i++ ) - { - $tags[$i]['id']=(int)$tags[$i]['id']; - } foreach( $tags as $tag ) { + $tags['id'] = (int)$tag['id']; $tags_by_id[ $tag['id'] ] = $tag; - if ( - in_array($tag['name'], $params['tag_name']) - or - in_array($tag['url_name'], $params['tag_url_name']) - or - in_array($tag['id'], $params['tag_id']) - ) - { - $tag_ids[] = $tag['id']; - } } unset($tags); + $tag_ids = array_keys($tags_by_id); - $tag_ids = array_unique( $tag_ids ); $image_ids = array(); $image_tag_map = array(); |