X-Git-Url: https://dev.renevier.net/gitweb.cgi?p=syp.git;a=blobdiff_plain;f=api.php;h=7895dadec249500bbd5cea178bd76c3421bdc5d4;hp=e74f3b46ff1e0d873f486053ae8f47f0aa157bbb;hb=8cff84ad1697a836c1361e669bd1b797957e75d0;hpb=a7bcc264414275e273cdf494f1be25a05bffd55c

diff --git a/api.php b/api.php
index e74f3b4..7895dad 100644
--- a/api.php
+++ b/api.php
@@ -255,6 +255,7 @@ function main ($con) {
             if ($_POST ["keep_img"] == "yes") {
                 $imgpath = $feature->imgpath;
             } else {
+                error_request ();
                 $imgpath = save_uploaded_file ($_FILES ["image_file"], $con);
             }
 
@@ -295,6 +296,7 @@ function main ($con) {
             success_feature ($new_feature, "update");
         break;
         case "add":
+            error_request ();
             $imgpath = save_uploaded_file ($_FILES ["image_file"], $con);
 
             $lon = $_POST ["lon"];
@@ -314,6 +316,7 @@ function main ($con) {
             success_feature ($feature, "add");
         break;
         case "del":
+            error_request ();
             $id = $_POST ["fid"];
             $feature = $con->getfeature ($id);
             if (!isset ($feature)) {
@@ -336,6 +339,7 @@ function main ($con) {
 
             success_delete_feature ($feature);
         case "changepass":
+            error_request ();
             $currpass = unquote ($_POST ["pass_current"]);
             if (!$con->checkpwdmd5 ($user, md5 ($currpass))) {
                 error_wrongpass ();
@@ -353,6 +357,7 @@ function main ($con) {
             success_changepass ($user);
         break;
         case "newuser":
+            error_request ();
             if ($user != "admin") {
                 error_unauthorized ();
             }