Joost/pics
1
0
Fork 0
forked from Public/pics
Code Issues Pull Requests Projects Releases Wiki Activity

EditAsset: some hardening; deduplicate redirect code

Browse Source
This commit is contained in:
Aaron van Geffen 2024-01-18 13:40:17 +01:00
parent 6ec5994de0
commit 25feb31c1a
1 changed files with 29 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
controllers/EditAsset.php
View File

@ -30,33 +30,39 @@ class EditAsset extends HTMLController
header('Location: ' . $redirectUrl); header('Location: ' . $redirectUrl);
exit; exit;
} }
else if ((isset($_REQUEST['inc_prio']) || isset($_REQUEST['dec_prio'])) && Session::validateSession('get')) else
{ {
if (isset($_REQUEST['inc_prio'])) $isPrioChange = isset($_REQUEST['inc_prio']) || isset($_REQUEST['dec_prio']);
$priority = $asset->priority + 1; $isCoverChange = isset($_REQUEST['album_cover'], $_REQUEST['in']);
else $madeChanges = false;
$priority = $asset->priority - 1;
$asset->priority = max(0, min(100, $priority)); if ($user->isAdmin() && $isPrioChange && Session::validateSession('get'))
$asset->save(); {
if (isset($_REQUEST['inc_prio']))
$priority = $asset->priority + 1;
else
$priority = $asset->priority - 1;
if (isset($_SERVER['HTTP_REFERER'])) $asset->priority = max(0, min(100, $priority));
header('Location: ' . $_SERVER['HTTP_REFERER']); $asset->save();
else $madeChanges = true;
header('Location: ' . BASEURL . '/' . $asset->getSubdir()); }
exit; elseif ($user->isAdmin() && $isCoverChange && Session::validateSession('get'))
} {
else if (isset($_REQUEST['album_cover'], $_REQUEST['in']) && Session::validateSession('get')) $tag = Tag::fromId($_REQUEST['in']);
{ $tag->id_asset_thumb = $asset->getId();
$tag = Tag::fromId($_REQUEST['in']); $tag->save();
$tag->id_asset_thumb = $asset->getId(); $madeChanges = true;
$tag->save(); }
if (isset($_SERVER['HTTP_REFERER'])) if ($madeChanges)
header('Location: ' . $_SERVER['HTTP_REFERER']); {
else if (isset($_SERVER['HTTP_REFERER']))
header('Location: ' . BASEURL . '/' . $asset->getSubdir()); header('Location: ' . $_SERVER['HTTP_REFERER']);
exit; else
header('Location: ' . BASEURL . '/' . $asset->getSubdir());
exit;
}
} }
// Get a list of available photo albums // Get a list of available photo albums