aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCash Costello <cash.costello@gmail.com>2009-09-01 11:37:42 +0000
committerCash Costello <cash.costello@gmail.com>2009-09-01 11:37:42 +0000
commita07057fc6d3f68c20f8f15c3573e74d2514ba8b6 (patch)
tree7b5e0fed099bb39892b3ef0a10933e97925a6e20
parent8a74a87356b54f907c341b8d6b3bcbe6b1e2ba18 (diff)
downloadelgg-a07057fc6d3f68c20f8f15c3573e74d2514ba8b6.tar.gz
elgg-a07057fc6d3f68c20f8f15c3573e74d2514ba8b6.tar.bz2
made sure all the actions are using the appropriate gatekeeper
-rw-r--r--actions/addalbum.php4
-rw-r--r--actions/delete.php6
-rw-r--r--actions/download.php1
-rw-r--r--actions/edit.php4
-rw-r--r--actions/edit_multi.php4
-rw-r--r--actions/settings.php2
-rw-r--r--actions/upgrade.php2
-rw-r--r--actions/upload.php3
8 files changed, 16 insertions, 10 deletions
diff --git a/actions/addalbum.php b/actions/addalbum.php
index b53cf9692..ffc7ec9c7 100644
--- a/actions/addalbum.php
+++ b/actions/addalbum.php
@@ -4,8 +4,8 @@
*
*/
- // Make sure we're logged in (send us to the front page if not)
- if (!isloggedin()) forward();
+ // Make sure we're logged in
+ gatekeeper();
// Get input data
$title = get_input('tidypicstitle');
diff --git a/actions/delete.php b/actions/delete.php
index 3deb69c5b..498c991c7 100644
--- a/actions/delete.php
+++ b/actions/delete.php
@@ -5,10 +5,10 @@
*
*/
- $forward_url = 'pg/photos/world'; // by default forward to world photos
+ // must be logged in
+ gatekeeper();
- //if not logged in, see world pictures instead
- if (!isloggedin()) forward($forward_url);
+ $forward_url = 'pg/photos/world'; // by default forward to world photos
$guid = (int) get_input('guid');
diff --git a/actions/download.php b/actions/download.php
index 2736e5438..0f9835e11 100644
--- a/actions/download.php
+++ b/actions/download.php
@@ -2,6 +2,7 @@
/**
* Tidypics Download File Action
*
+ * do not call this directly - call through action handler
*/
global $CONFIG;
diff --git a/actions/edit.php b/actions/edit.php
index f5c66a1d8..e8f2e3aca 100644
--- a/actions/edit.php
+++ b/actions/edit.php
@@ -5,8 +5,8 @@
*
*/
- // Make sure we're logged in (send us to the front page if not)
- if (!isloggedin()) forward();
+ // Make sure we're logged in
+ gatekeeper();
// Get input data
$guid = (int) get_input('guid'); // guid of image or album
diff --git a/actions/edit_multi.php b/actions/edit_multi.php
index 7c03244a5..08947f1a4 100644
--- a/actions/edit_multi.php
+++ b/actions/edit_multi.php
@@ -4,8 +4,8 @@
*
*/
- // Make sure we're logged in (send us to the front page if not)
- if (!isloggedin()) forward();
+ // Make sure we're logged in
+ gatekeeper();
// Get input data
$title_array = get_input('title');
diff --git a/actions/settings.php b/actions/settings.php
index ae74b8945..6b115b049 100644
--- a/actions/settings.php
+++ b/actions/settings.php
@@ -6,7 +6,7 @@
global $CONFIG;
- gatekeeper();
+ admin_gatekeeper();
action_gatekeeper();
diff --git a/actions/upgrade.php b/actions/upgrade.php
index 0ff04dadf..cb200380a 100644
--- a/actions/upgrade.php
+++ b/actions/upgrade.php
@@ -8,6 +8,8 @@
include_once dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php";
+ admin_gatekeeper();
+
$result = true;
// add image class
diff --git a/actions/upload.php b/actions/upload.php
index 70480a498..f330cf782 100644
--- a/actions/upload.php
+++ b/actions/upload.php
@@ -9,6 +9,9 @@
include dirname(dirname(__FILE__)) . "/lib/resize.php";
include dirname(dirname(__FILE__)) . "/lib/exif.php";
+ // Make sure we're logged in
+ gatekeeper();
+
// Get common variables
$access_id = (int) get_input("access_id");
$container_guid = (int) get_input('container_guid', 0);