aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorvdigital <vdigital@piwigo.org>2007-02-23 23:25:34 +0000
committervdigital <vdigital@piwigo.org>2007-02-23 23:25:34 +0000
commitf800d4fb40468fbf255ac78ccd2da82544f8d557 (patch)
tree1498f742bf9667bf3e8e76e875f2a5b1028eee84 /include
parentcb2408a82c9bc93bef177dc33a8981bc36800839 (diff)
New / Web Services:
- ws_checker.php makes its own web service request to control availability - config_default.inc.php : comment for cURL support needed for checker - ws_function authorize session and getVersion for any partner - help review New Admin Menu: review. git-svn-id: http://piwigo.org/svn/trunk@1853 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include')
-rw-r--r--include/config_default.inc.php2
-rw-r--r--include/ws_functions.inc.php10
2 files changed, 9 insertions, 3 deletions
diff --git a/include/config_default.inc.php b/include/config_default.inc.php
index 6fd1b0b26..3c3d0e7e0 100644
--- a/include/config_default.inc.php
+++ b/include/config_default.inc.php
@@ -605,7 +605,7 @@ $conf['allow_web_services'] = true;
// Maximum number of images to be returned foreach call to the web service
$conf['ws_max_images_per_page'] = 500;
-// On Access control false
+// On Access control false / Admim Web Service need Php cURL extension
// Controls are done on public basis or
// if connected on member authorization basis
$conf['ws_access_control'] = false;
diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php
index c68d5d195..e19966673 100644
--- a/include/ws_functions.inc.php
+++ b/include/ws_functions.inc.php
@@ -59,8 +59,10 @@ SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE."
return new PwgError(403, 'Partner id does not exist or is expired');
}
if ( !empty($row['request'])
- and strpos($methodName, $row['request'])==false )
- {
+ and strpos($methodName, $row['request'])==false
+ and strpos($methodName, 'session')==false
+ and strpos($methodName, 'getVersion')==false )
+ { // session and getVersion are allowed to diagnose any failure reason
return new PwgError(403, 'Method not allowed');
}
@@ -114,6 +116,10 @@ $result = pwg_query($query);
// 3 cases: list, cat or tag
// Behind / we could found img-ids, cat-ids or tag-ids
$target = $row['access'];
+ if ( $target == '')
+ {
+ return '1=1'; // No controls are requested
+ }
list($type, $str_ids) = explode('/',$target); // Find type list
// (array) 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6,