X-Git-Url: https://dev.renevier.net/gitweb.cgi?p=syp.git;a=blobdiff_plain;f=api.php;h=c3405e8ec6259c53ee5598b1348ab718083fe40e;hp=ac49d76665ca7cec11da77cad84d1b03c3bc3181;hb=fae41854ef2408f0b00c50eac06e5a13125db4f1;hpb=274b5f5506b242b4680bc8fe3d9811f668c06f29

diff --git a/api.php b/api.php
index ac49d76..c3405e8 100644
--- a/api.php
+++ b/api.php
@@ -255,6 +255,7 @@ function main ($con) {
             if ($_POST ["keep_img"] == "yes") {
                 $imgpath = $feature->imgpath;
             } else {
+                error_request ();
                 $imgpath = save_uploaded_file ($_FILES ["image_file"], $con);
             }
 
@@ -295,6 +296,7 @@ function main ($con) {
             success_feature ($new_feature, "update");
         break;
         case "add":
+            error_request ();
             $imgpath = save_uploaded_file ($_FILES ["image_file"], $con);
 
             $lon = $_POST ["lon"];
@@ -314,6 +316,7 @@ function main ($con) {
             success_feature ($feature, "add");
         break;
         case "del":
+            error_request ();
             $id = $_POST ["fid"];
             $feature = $con->getfeature ($id);
             if (!isset ($feature)) {
@@ -336,6 +339,7 @@ function main ($con) {
 
             success_delete_feature ($feature);
         case "changepass":
+            error_request ();
             $currpass = unquote ($_POST ["pass_current"]);
             if (!$con->checkpwdmd5 ($user, md5 ($currpass))) {
                 error_wrongpass ();
@@ -350,6 +354,7 @@ function main ($con) {
             success_changepass ($user);
         break;
         case "newuser":
+            error_request ();
             if ($user != "admin") {
                 error_unauthorized ();
             }