diff options
| -rw-r--r-- | image.php | 9 | ||||
| -rw-r--r-- | lib/class/xmldata.class.php | 4 |
2 files changed, 11 insertions, 2 deletions
@@ -24,6 +24,15 @@ * and dumps it to the browser as an image mime type. * */ + +// This file is a little weird it needs to allow API session +// this needs to be done a little better, but for now... eah +if ($_REQUEST['auth']) { + if (Access::session_exists(array(),$_REQUEST['auth'],'api')) { + define('NO_SESSION','1'); + } +} // extra layer of auth + require 'lib/init.php'; /* Decide what size this image is */ diff --git a/lib/class/xmldata.class.php b/lib/class/xmldata.class.php index d63d9bfc..129c2240 100644 --- a/lib/class/xmldata.class.php +++ b/lib/class/xmldata.class.php @@ -105,8 +105,8 @@ class xmlData { $album = new Album($album_id); $album->format(); - // Build the Art URL - $art_url = Config::get('web_path') . '/image.php?id=' . $album->id; + // Build the Art URL, include session + $art_url = Config::get('web_path') . '/image.php?id=' . $album->id . '&auth=' . scrub_out($_REQUEST['auth']); $string .= "<album id=\"$album->id\">\n" . "\t<name><![CDATA[$album->name]]></name>\n"; |