diff options
| author | Cash Costello <cash.costello@gmail.com> | 2012-07-14 08:10:28 -0400 |
|---|---|---|
| committer | Cash Costello <cash.costello@gmail.com> | 2012-07-14 08:10:28 -0400 |
| commit | 4761adf8eee9feadd77599682ef192b56520d11d (patch) | |
| tree | 022a921d20ddd26fb226351cadedf9a8dfe9e971 /classes/TidypicsAlbum.php | |
| parent | 4448f072dc6149a62b602e60e766fd00c2b6af89 (diff) | |
| parent | c1da32e6a7e2f4a15a3b2d69cd38a1c0c164a99d (diff) | |
| download | elgg-4761adf8eee9feadd77599682ef192b56520d11d.tar.gz elgg-4761adf8eee9feadd77599682ef192b56520d11d.tar.bz2 | |
Pulling in several small fixes from Brett's fork
Diffstat (limited to 'classes/TidypicsAlbum.php')
| -rw-r--r-- | classes/TidypicsAlbum.php | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/classes/TidypicsAlbum.php b/classes/TidypicsAlbum.php index ad1a357de..57bdcf707 100644 --- a/classes/TidypicsAlbum.php +++ b/classes/TidypicsAlbum.php @@ -206,8 +206,14 @@ class TidypicsAlbum extends ElggObject { } $list = unserialize($listString); + // if empty don't need to check the permissions. + if (!$list || $list[0] == '') { + return array(); + } + // check access levels $guidsString = implode(',', $list); + $options = array( 'wheres' => array("e.guid IN ($guidsString)"), 'order_by' => "FIELD(e.guid, $guidsString)", @@ -225,8 +231,15 @@ class TidypicsAlbum extends ElggObject { * @param array $list An indexed array of image guids */ public function setImageList($list) { + // validate data + foreach ($list as $guid) { + if (!filter_var($guid, FILTER_VALIDATE_INT)) { + return false; + } + } + $listString = serialize($list); - $this->orderedImages = $listString; + return $this->orderedImages = $listString; } /** |