diff options
Diffstat (limited to 'actions')
| -rw-r--r-- | actions/avatar/crop.php | 6 | ||||
| -rw-r--r-- | actions/friends/add.php | 4 |
2 files changed, 10 insertions, 0 deletions
diff --git a/actions/avatar/crop.php b/actions/avatar/crop.php index f2b812c4f..b9a80f331 100644 --- a/actions/avatar/crop.php +++ b/actions/avatar/crop.php @@ -22,6 +22,12 @@ $filehandler->owner_guid = $owner->getGUID(); $filehandler->setFilename("profile/" . $owner->guid . "master" . ".jpg"); $filename = $filehandler->getFilenameOnFilestore(); +// ensuring the avatar image exists in the first place +if (!file_exists($filename)) { + register_error(elgg_echo('avatar:crop:fail')); + forward(REFERER); +} + $icon_sizes = elgg_get_config('icon_sizes'); unset($icon_sizes['master']); diff --git a/actions/friends/add.php b/actions/friends/add.php index 7d38674c1..d1800ee14 100644 --- a/actions/friends/add.php +++ b/actions/friends/add.php @@ -9,6 +9,10 @@ // Get the GUID of the user to friend $friend_guid = get_input('friend'); $friend = get_entity($friend_guid); +if (!$friend) { + register_error(elgg_echo('error:missing_data')); + forward(REFERER); +} $errors = false; |