aboutsummaryrefslogtreecommitdiffstats
path: root/include/ws_functions.inc.php
diff options
context:
space:
mode:
authorrvelices <rv-github@modusoptimus.com>2007-02-23 13:18:34 +0000
committerrvelices <rv-github@modusoptimus.com>2007-02-23 13:18:34 +0000
commitcb2408a82c9bc93bef177dc33a8981bc36800839 (patch)
tree85728267a379dd1b39ac089ab2021f000e6cb668 /include/ws_functions.inc.php
parent6f03e29735ea395f31d09bbfd15a4e15eaf961e3 (diff)
Plugins:
- display author and and author url (if present) on plugin admin page - uniformized versions/authors... for all plugins in svn - security fix (html escape name, version, uri, author... to avoid javascript injection which could automatically simulate click on Install) - added confirmation for install/uninstall plugins Web services: - web service explorer now caches method details in order to avoid unnecessary web calls - web service explorer can now send parameters as arrays - web service explorer uses now prototype.js version 1.5 - small improvements - added and use function bad_request (sends http status code 400) git-svn-id: http://piwigo.org/svn/trunk@1852 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include/ws_functions.inc.php')
-rw-r--r--include/ws_functions.inc.php51
1 files changed, 23 insertions, 28 deletions
diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php
index 8af08204c..c68d5d195 100644
--- a/include/ws_functions.inc.php
+++ b/include/ws_functions.inc.php
@@ -269,8 +269,11 @@ function ws_std_get_image_xml_attributes()
*/
function ws_getVersion($params, &$service)
{
-// TODO = Version availability is under control of $conf['show_version']
- return PHPWG_VERSION;
+ global $conf;
+ if ($conf['show_version'])
+ return PHPWG_VERSION;
+ else
+ return new PwgError(403, 'Forbidden');
}
@@ -336,14 +339,15 @@ SELECT id, name, image_order
$where_clauses[] = ws_addControls( 'categories.getImages', $params, 'i.' );
$order_by = ws_std_image_sql_order($params, 'i.');
- if (empty($order_by))
- {// TODO check for category order by (image_order)
- $order_by = $conf['order_by'];
- }
- else
+ if ( empty($order_by)
+ and count($params['cat_id'])==1
+ and isset($cats[ $params['cat_id'][0] ]['image_order'])
+ )
{
- $order_by = 'ORDER BY '.$order_by;
+ $order_by = $cats[ $params['cat_id'][0] ]['image_order'];
}
+ $order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by;
+
$query = '
SELECT i.*, GROUP_CONCAT(category_id) cat_ids
FROM '.IMAGES_TABLE.' i
@@ -499,6 +503,10 @@ ORDER BY global_rank';
*/
function ws_images_addComment($params, &$service)
{
+ if (!$service->isPost())
+ {
+ return new PwgError(405, "This method requires HTTP POST");
+ }
$params['image_id'] = (int)$params['image_id'];
$query = '
SELECT DISTINCT image_id
@@ -579,7 +587,7 @@ LIMIT 1;';
$image_row = mysql_fetch_assoc(pwg_query($query));
if ($image_row==null)
{
- return new PwgError(999, "image_id not found");
+ return new PwgError(404, "image_id not found");
}
$image_row = array_merge( $image_row, ws_std_get_urls($image_row) );
@@ -859,7 +867,7 @@ function ws_session_login($params, &$service)
if (!$service->isPost())
{
- return new PwgError(400, "This method requires POST");
+ return new PwgError(405, "This method requires HTTP POST");
}
if (try_log_user($params['username'], $params['password'],false))
{
@@ -942,32 +950,19 @@ function ws_tags_getImages($params, &$service)
{
@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
global $conf;
-
+
// first build all the tag_ids we are interested in
- $tag_ids = array();
- $tags = get_available_tags();
+ $params['tag_id'] = array_map( 'intval',$params['tag_id'] );
+ $tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']);
$tags_by_id = array();
- for( $i=0; $i<count($tags); $i++ )
- {
- $tags[$i]['id']=(int)$tags[$i]['id'];
- }
foreach( $tags as $tag )
{
+ $tags['id'] = (int)$tag['id'];
$tags_by_id[ $tag['id'] ] = $tag;
- if (
- in_array($tag['name'], $params['tag_name'])
- or
- in_array($tag['url_name'], $params['tag_url_name'])
- or
- in_array($tag['id'], $params['tag_id'])
- )
- {
- $tag_ids[] = $tag['id'];
- }
}
unset($tags);
+ $tag_ids = array_keys($tags_by_id);
- $tag_ids = array_unique( $tag_ids );
$image_ids = array();
$image_tag_map = array();