diff --git a/CHANGES b/CHANGES index 47db098..cc8bc1c 100644 --- a/CHANGES +++ b/CHANGES @@ -52,6 +52,7 @@ v2.38 (Unreleased) [fix] A few warnings triggered by sql query failures [fix] PHP 8.1-related warnings [fix] Updated bug URLs. + [fix] Deal with malformed feed requests v2.37.1 (December 3, 2012) diff --git a/src/feed.php b/src/feed.php index 84b9fcf..b7e85a7 100644 --- a/src/feed.php +++ b/src/feed.php @@ -54,6 +54,7 @@ foreach ($_REQUEST as $key => $value) { } $feedtype = isset($_REQUEST['type']) ? $_REQUEST['type'] : 'photos'; +$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : -1; switch ($feedtype) { case 'photos': @@ -64,32 +65,32 @@ case 'photos': $size = isset($_REQUEST['size']) ? pg_escape_string($database, $_REQUEST['size']) : 2; } $global_args = array(); - $global_args['size'] = $size; + $global_args['size'] = $size; switch ($_REQUEST['subtype']) { case 'user': - $user_id = pg_escape_string($database, $_REQUEST['id']); - + $user_id = pg_escape_string($database, $id); + $rss->title = $site_title . " : " . disp_user_string($database, $user_id, FALSE); $rss->description = $rss->title; $rss->link = $base_url . generate_link('user', $user_id); - $froms = array(); + $froms = array(); $master = "and photo_version.master = 't'"; //optional? $filter = "photo.users = '$user_id' $master"; break; case 'folder': - $folder_id = pg_escape_string($database, $_REQUEST['id']); - + $folder_id = pg_escape_string($database, $id); + $path_to_folder = get_path_to($database, 'folder', $folder_id, FALSE); - + $rss->title = $site_title . " $path_to_folder "; $rss->description = $rss->title; $rss->link = $base_url . generate_link('folder', $folder_id); - $froms = array('folder'); + $froms = array('folder'); $master = "and photo_version.master = 't'"; //optional? $filter = "photo.folder = '$folder_id' and folder.identifier = photo.folder $master"; 
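Review bot: The new `$id` default in the @@ -54 hunk only covers an absent parameter, not a malformed one: `$_REQUEST['id']` can also arrive as an array, and the `pg_escape_string($database, $id)` calls in the following hunks then fail with a TypeError on PHP 8, which is the situation the CHANGES entry says this commit is meant to handle. A type check alongside the isset, `$id = (isset($_REQUEST['id']) && is_string($_REQUEST['id'])) ? $_REQUEST['id'] : -1;`, closes that gap. The same hunk leaves `$_REQUEST['subtype']` read directly by the `switch` statements in the @@ -64, @@ -185 and @@ -280 hunks, so a request without `subtype` still raises the undefined-index warning; a matching `$subtype = isset($_REQUEST['subtype']) ? $_REQUEST['subtype'] : '';` next to `$id` would cover it. The `-1` sentinel also deserves a one-line comment at its declaration, since it is later passed through `pg_escape_string` and comes out as the string `'-1'`.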
@@ -97,25 +98,25 @@ case 'photos': break; case 'album': - $album_id = pg_escape_string($database, $_REQUEST['id']); - + $album_id = pg_escape_string($database, $id); + $path_to_album = get_path_to($database, 'album', $album_id, FALSE); - + $rss->title = $site_title . " $path_to_album "; $rss->description = $rss->title; $rss->link = $base_url . generate_link('album', $album_id); - + $global_args['album'] = $album_id; - + $froms = array('album_content'); $filter = "photo_version.identifier = album_content.version and photo.identifier = album_content.photo and album_content.album = $album_id"; - + break; case 'tag': - $search_data = $_REQUEST['id']; // this is escaped later. + $search_data = $id; // this is escaped later. $keywords = extract_keywords($search_data, $po_options['search_enable_stemming']); $sql_combined_search_string = build_sql_search_string_keywords($keywords); @@ -126,7 +127,7 @@ case 'photos': $froms = array(); $master_args = "and photo_version.master = 't'"; $filter = " ($sql_combined_search_string) $master_args"; - + break; default: @@ -145,10 +146,10 @@ case 'photos': $item = new FeedItem(); $item->title = $photo['caption']; - + $photo_args = $global_args; $photo_args['ver'] = $photo['version']; - + unset($photo_args['size']); $item->link = $base_url . generate_link('photo', $photo['identifier'], $photo_args); $item->guid = $item->link; @@ -185,11 +186,11 @@ case 'folder': } $sql_query_order_by_string = $folder_order_by_string[$order][0]; - $sql_query_access_rights_string = "can_access_folder(folder.identifier, $po_user[id], '{".$passwords."}')"; + $sql_query_access_rights_string = "can_access_folder(folder.identifier, $po_user[id], '{".$passwords."}')"; switch ($_REQUEST['subtype']) { case 'tag': - $search_data = $_REQUEST['id']; // is escaped later + $search_data = $id; // is escaped later $keywords = extract_keywords($search_data, $po_options['search_enable_stemming']); $sql_search_string = build_sql_search_string($keywords, "folder.caption"); 
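Review bot: In the `album` case of the @@ -97 hunk, `$album_id = pg_escape_string($database, $id);` is still interpolated unquoted into the filter, `album_content.album = $album_id`, where string escaping offers no protection — `pg_escape_string` only neutralises quotes inside a quoted literal, and that comparison has none. Since the column is evidently numeric, validate the value as an integer instead, `$album_id = (int) $id;`, and keep the quoted-literal form for the `user` and `folder` cases as they already do. The defect is pre-existing, but the commit rewrites the assignment line, so this is the natural place to fix it. Separately, the `tag` case now receives the int `-1` when `id` is missing, so `extract_keywords(-1, ...)` presumably searches for the literal term rather than producing an empty feed; the tag cases in the @@ -185 and @@ -280 hunks have the same path, and an early exit or an empty-string default for them would be clearer.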
@@ -204,7 +205,7 @@ case 'folder': break; case 'user': - $user_id = pg_escape_string($database, $_REQUEST['id']); + $user_id = pg_escape_string($database, $id); $rss->title = $site_title . " : " . disp_user_string($database, $user_id, FALSE); $rss->description = $rss->title; @@ -214,7 +215,7 @@ case 'folder': break; default: - $folder_id = pg_escape_string($database, $_REQUEST['id']); + $folder_id = pg_escape_string($database, $id); $path_to_folder = get_path_to($database, 'folder', $folder_id, FALSE); @@ -229,15 +230,15 @@ case 'folder': } else { $sql_search_string = " folder.parent_folder is null "; } - + // XXX restrict to single user? - + break; } $search_result = pg_query($database, "select caption, folder.identifier, date_of_creation, folder.date_changed, folder.description, - first_name, last_name, users.identifier as user_id, + first_name, last_name, users.identifier as user_id, count_subfolders_by_folder(folder.identifier, $po_user[id], '{".$passwords."}') as subs, count_photos_by_folder(folder.identifier, $po_user[id], '{".$passwords."}') as photos, thumb_ver from folder, users @@ -280,11 +281,11 @@ case 'album': } $sql_query_order_by_string = $folder_order_by_string[$order][0]; - $sql_query_access_rights_string = "can_access_album(album.identifier, $po_user[id], '{".$passwords."}')"; + $sql_query_access_rights_string = "can_access_album(album.identifier, $po_user[id], '{".$passwords."}')"; switch ($_REQUEST['subtype']) { case 'tag': - $search_data = $_REQUEST['id']; // is escaepd later + $search_data = $id; // is escaepd later $keywords = extract_keywords($search_data, $po_options['search_enable_stemming']); $sql_search_string = build_sql_search_string($keywords, "album.caption"); @@ -299,7 +300,7 @@ case 'album': break; case 'user': - $user_id = pg_escape_string($database, $_REQUEST['id']); + $user_id = pg_escape_string($database, $id); $rss->title = $site_title . " : " . disp_user_string($database, $user_id, FALSE); $rss->description = $rss->title; 
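Review bot: In the `default` branch of the @@ -214 hunk, `$folder_id = pg_escape_string($database, $id);` turns the new `-1` sentinel into the string `'-1'`, so any later "no folder requested" check must compare against the string form, and a strict `$folder_id === -1` would never match; the `else` in the @@ -229 hunk that sets `folder.parent_folder is null` suggests such a branch exists, though its condition is outside these hunks. Either test the sentinel before escaping, `if ($id === -1) { /* root listing */ } else { $folder_id = pg_escape_string($database, $id); }`, or document the conversion with a comment like `// a missing id (-1) is the string '-1' from here on`. The `album` default branch in the @@ -309 hunk has the same shape and needs the same treatment. The enclosing `switch` continues past the end of this hunk.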
@@ -309,7 +310,7 @@ case 'album': break; default: - $album_id = pg_escape_string($database, $_REQUEST['id']); + $album_id = pg_escape_string($database, $id); $path_to_album = get_path_to($database, 'album', $album_id, FALSE); @@ -324,15 +325,15 @@ case 'album': } else { $sql_search_string = " album.parent_album is null "; } - + // XXX restrict to single user? - + break; } $search_result = pg_query($database, "select caption, album.identifier, date_of_creation, album.date_changed, album.description, - first_name, last_name, users.identifier as user_id, + first_name, last_name, users.identifier as user_id, count_subalbums_by_album(album.identifier, $po_user[id], '{".$passwords."}') as subs, count_photos_by_album(album.identifier, $po_user[id], '{".$passwords."}') as photos, thumb_ver from album, users