From e84a854e54adf07d0bda64f8e3a4182940b44a97 Mon Sep 17 00:00:00 2001
From: deva <deva>
Date: Thu, 25 Feb 2010 19:56:19 +0000
Subject: Improved security a bit in image cache.

---
 utils/imagecache.php          | 1 +
 utils/modules/discography.php | 3 ++-
 utils/modules/gallery.php     | 3 ++-
 3 files changed, 5 insertions(+), 2 deletions(-)

(limited to 'utils')

diff --git a/utils/imagecache.php b/utils/imagecache.php
index 811ba0c..a4a7792 100644
--- a/utils/imagecache.php
+++ b/utils/imagecache.php
@@ -48,6 +48,7 @@ function getCachedImage($filename, $mod, $cat)
 	global $modules;
 	loadModule($mod);
 	if(!$modules[$mod]) die(404);
+	if(!method_exists($modules[$mod], "getImageSize")) die(404);
 
 	$size = $modules[$mod]->getImageSize($cat);
 	$maxwidth = $size->width;
diff --git a/utils/modules/discography.php b/utils/modules/discography.php
index bc37022..2f4589d 100644
--- a/utils/modules/discography.php
+++ b/utils/modules/discography.php
@@ -251,9 +251,10 @@ class Discography {
 	public function getImageSize($cat)
 	{
 		switch($cat) {
-		default:
 		case "cover":
 			return new ImageSize($this->coverwidth, $this->coverheight);
+		default:
+			die(404);
 		}
 	}
 	
diff --git a/utils/modules/gallery.php b/utils/modules/gallery.php
index f427344..3d6e638 100644
--- a/utils/modules/gallery.php
+++ b/utils/modules/gallery.php
@@ -422,9 +422,10 @@ class Gallery {
 			return new ImageSize($this->maxwidth_rand, $this->maxheight_rand);
 		case "navicon":
 			return new ImageSize($this->maxwidth_navicon, $this->maxheight_navicon);
-		default:
 		case "albumicon":
 			return new ImageSize($this->maxwidth_icon, $this->maxheight_icon);
+		default:
+      die(404);
 		}
 	}
 
-- 
cgit v1.2.3