if ($_POST ["keep_img"] == "yes") {
$imgpath = $feature->imgpath;
} else {
+ error_request ();
$imgpath = save_uploaded_file ($_FILES ["image_file"], $con);
}
success_feature ($new_feature, "update");
break;
case "add":
+ error_request ();
$imgpath = save_uploaded_file ($_FILES ["image_file"], $con);
$lon = $_POST ["lon"];
success_feature ($feature, "add");
break;
case "del":
+ error_request ();
$id = $_POST ["fid"];
$feature = $con->getfeature ($id);
if (!isset ($feature)) {
success_delete_feature ($feature);
case "changepass":
+ error_request ();
$currpass = unquote ($_POST ["pass_current"]);
if (!$con->checkpwdmd5 ($user, md5 ($currpass))) {
error_wrongpass ();
success_changepass ($user);
break;
case "newuser":
+ error_request ();
if ($user != "admin") {
error_unauthorized ();
}