X-Git-Url: https://dev.renevier.net/gitweb.cgi?a=blobdiff_plain;f=api.php;h=c3405e8ec6259c53ee5598b1348ab718083fe40e;hb=6ed52a410c46e71be24422df3a9e9c631376a9d1;hp=bb89c55d924e572ae048d443e89f739738683991;hpb=756e90840f47c110d346c863238375bb59a10475;p=syp.git diff --git a/api.php b/api.php index bb89c55..c3405e8 100644 --- a/api.php +++ b/api.php @@ -3,7 +3,8 @@ license. */ function exit_document ($body) { - exit ("$body"); + $charset_meta = ''; + exit ("$charset_meta$body"); } function success ($reason) { @@ -254,6 +255,7 @@ function main ($con) { if ($_POST ["keep_img"] == "yes") { $imgpath = $feature->imgpath; } else { + error_request (); $imgpath = save_uploaded_file ($_FILES ["image_file"], $con); } @@ -294,6 +296,7 @@ function main ($con) { success_feature ($new_feature, "update"); break; case "add": + error_request (); $imgpath = save_uploaded_file ($_FILES ["image_file"], $con); $lon = $_POST ["lon"]; @@ -313,6 +316,7 @@ function main ($con) { success_feature ($feature, "add"); break; case "del": + error_request (); $id = $_POST ["fid"]; $feature = $con->getfeature ($id); if (!isset ($feature)) { @@ -335,6 +339,7 @@ function main ($con) { success_delete_feature ($feature); case "changepass": + error_request (); $currpass = unquote ($_POST ["pass_current"]); if (!$con->checkpwdmd5 ($user, md5 ($currpass))) { error_wrongpass (); @@ -349,6 +354,7 @@ function main ($con) { success_changepass ($user); break; case "newuser": + error_request (); if ($user != "admin") { error_unauthorized (); }