Fixed invalid SQL caused by sorting an empty album.

Also hiding slideshow and sort links for albums with no images.
author: Brett Profitt <brett.profitt@gmail.com> 2012-06-08 15:23:47 -0700
committer: Brett Profitt <brett.profitt@gmail.com> 2012-06-08 15:23:47 -0700
commit: c1da32e6a7e2f4a15a3b2d69cd38a1c0c164a99d (patch)
tree: f11839953914d0cc84306526c91ed60d0e746414 /classes
parent: 90b3ef93ab20ceb49d0e2f5b40a87dd6608d05f4 (diff)
download: elgg-c1da32e6a7e2f4a15a3b2d69cd38a1c0c164a99d.tar.gz
elgg-c1da32e6a7e2f4a15a3b2d69cd38a1c0c164a99d.tar.bz2
1 files changed, 9 insertions, 2 deletions
diff --git a/classes/TidypicsAlbum.php b/classes/TidypicsAlbum.php
index 1fd98c76b..57bdcf707 100644
--- a/classes/TidypicsAlbum.php
+++ b/classes/TidypicsAlbum.php
@@ -207,7 +207,7 @@ class TidypicsAlbum extends ElggObject {
 		$list = unserialize($listString);
 
 		// if empty don't need to check the permissions.
-		if (!$list) {
+		if (!$list || $list[0] == '') {
 			return array();
 		}
 
@@ -231,8 +231,15 @@ class TidypicsAlbum extends ElggObject {
 	 * @param array $list An indexed array of image guids 
 	 */
 	public function setImageList($list) {
+		// validate data
+		foreach ($list as $guid) {
+			if (!filter_var($guid, FILTER_VALIDATE_INT)) {
+				return false;
+			}
+		}
+
 		$listString = serialize($list);
-		$this->orderedImages = $listString;
+		return $this->orderedImages = $listString;
 	}
 
 	/**
author	Brett Profitt <brett.profitt@gmail.com>	2012-06-08 15:23:47 -0700
committer	Brett Profitt <brett.profitt@gmail.com>	2012-06-08 15:23:47 -0700
commit	c1da32e6a7e2f4a15a3b2d69cd38a1c0c164a99d (patch)
tree	f11839953914d0cc84306526c91ed60d0e746414 /classes
parent	90b3ef93ab20ceb49d0e2f5b40a87dd6608d05f4 (diff)
download	elgg-c1da32e6a7e2f4a15a3b2d69cd38a1c0c164a99d.tar.gz elgg-c1da32e6a7e2f4a15a3b2d69cd38a1c0c164a99d.tar.bz2