From 122ac485f7330a9544504e2355fbdf53124e5702 Mon Sep 17 00:00:00 2001
From: z0rglub
Date: Tue, 9 Sep 2003 18:36:25 +0000
Subject: Security improve : you can't display a picture in a category it doesn't belong to
git-svn-id: http://piwigo.org/svn/trunk@84 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 picture.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/picture.php b/picture.php
index 56bd461b2..403301de7 100644
--- a/picture.php
+++ b/picture.php
@@ -36,7 +36,6 @@ $query.= ';';
 @mysql_query( $query );
 //-------------------------------------------------------------- initialization
 initialize_category( 'picture' );
-$cat_directory = $page['cat_dir']; // by default
 //------------------------------------- main picture information initialization
 $query = 'SELECT id,date_available,comment,hit,keywords';
 $query.= ',author,name,file,date_creation,filesize,width,height';
@@ -52,6 +51,15 @@ $query.= ' AND id = '.$_GET['image_id'];
 $query.= $conf['order_by'];
 $query.= ';';
 $result = mysql_query( $query );
+// if this image_id doesn't correspond to this category, an error message is
+// displayed, and execution is stopped
+if ( mysql_num_rows( $result ) == 0 )
+{
+ echo '
'.$lang['access_forbiden'].'
';
+ echo '';
+ echo $lang['thumbnails'].'
';
+ exit();
+}
 $row = mysql_fetch_array( $result );
 $page['id'] = $row['id'];
 $page['file'] = $row['file'];
--
cgit v1.2.3
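Review bot: The new guard on the `if ( mysql_num_rows( $result ) == 0 )` line is only as sound as the query it inspects, and the hunk header shows that query being built as `$query.= ' AND id = '.$_GET['image_id'];`, so the category check still rests on a request value that goes into SQL unvalidated. Coerce it to an integer where that clause is appended, e.g. `$image_id = intval( $_GET['image_id'] );` and use `$image_id` in the concatenation (that line sits just above this hunk, outside the added code). Separately, `mysql_query` returns `false` when the query fails; `mysql_num_rows( false )` then emits a PHP warning and yields `false`, which compares equal to `0`, so a broken query is shown to the visitor as an access error instead of a database error — a comment on the `if` line such as `// also taken when the query itself failed (mysql_num_rows(false) == 0)` would save the next maintainer a mis-diagnosis, or test `$result === false` first and report that case distinctly. This block runs at the top level of picture.php rather than inside a function, and the script continues past the end of the hunk.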