diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2007-11-21 08:35:31 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2007-11-21 08:35:31 +0000 |
| commit | 8f883bfa4554dd8894eb5236f6f06f7b49ea3225 (patch) | |
| tree | 5b0470b57ccc6bd8947c7419d067a613ac9c11e1 /image.php | |
| parent | 068b2cbbb33afcab2e6ee41501fa90a85f52f367 (diff) | |
| download | ampache-8f883bfa4554dd8894eb5236f6f06f7b49ea3225.tar.gz ampache-8f883bfa4554dd8894eb5236f6f06f7b49ea3225.tar.bz2 ampache-8f883bfa4554dd8894eb5236f6f06f7b49ea3225.zip | |
two fixes for invalid artist ids in album xml and parse error on image.php
Diffstat (limited to 'image.php')
| -rw-r--r-- | image.php | 12 |
1 files changed, 6 insertions, 6 deletions
@@ -27,14 +27,14 @@ // This file is a little weird it needs to allow API session // this needs to be done a little better, but for now... eah -if ($_REQUEST['auth']) { - if (Access::session_exists(array(),$_REQUEST['auth'],'api')) { - define('NO_SESSION','1'); - } -} // extra layer of auth - +define('NO_SESSION','1'); require 'lib/init.php'; +// Check their session manually +if (!session_exists(session_id()) && !Access::session_exists(array(),$_REQUEST['auth'],'api')) { + exit; +} + /* Decide what size this image is */ switch ($_REQUEST['thumb']) { case '1': |