]> git.openstreetmap.org Git - nominatim.git/blobdiff - lib/Geocode.php
Merge remote-tracking branch 'upstream/master'
[nominatim.git] / lib / Geocode.php
index 83618113ad00e74fcf50640c9384c4f8a9eefc95..b5f0c74f9612a1e01e943a277c6414f5f77dbb64 100644 (file)
@@ -180,6 +180,17 @@ class Geocode
     {
         $this->aViewBox = array_map('floatval', $aViewbox);
 
+        $this->aViewBox[0] = max(-180.0, min(180, $this->aViewBox[0]));
+        $this->aViewBox[1] = max(-90.0, min(90, $this->aViewBox[1]));
+        $this->aViewBox[2] = max(-180.0, min(180, $this->aViewBox[2]));
+        $this->aViewBox[3] = max(-90.0, min(90, $this->aViewBox[3]));
+
+        if (abs($this->aViewBox[0] - $this->aViewBox[2]) < 0.000000001
+            || abs($this->aViewBox[1] - $this->aViewBox[3]) < 0.000000001
+        ) {
+            userError("Bad parameter 'viewbox'. Not a box.");
+        }
+
         $fHeight = $this->aViewBox[0] - $this->aViewBox[2];
         $fWidth = $this->aViewBox[1] - $this->aViewBox[3];
         $aBigViewBox[0] = $this->aViewBox[0] + $fHeight;
@@ -258,10 +269,16 @@ class Geocode
 
         $aViewbox = $oParams->getStringList('viewboxlbrt');
         if ($aViewbox) {
+            if (count($aViewbox) != 4) {
+                userError("Bad parmater 'viewbox'. Expected 4 coordinates.");
+            }
             $this->setViewbox($aViewbox);
         } else {
             $aViewbox = $oParams->getStringList('viewbox');
             if ($aViewbox) {
+                if (count($aViewbox) != 4) {
+                    userError("Bad parmater 'viewbox'. Expected 4 coordinates.");
+                }
                 $this->setViewBox(array(
                                    $aViewbox[0],
                                    $aViewbox[3],
@@ -880,7 +897,7 @@ class Geocode
             foreach ($aPhrases as $iPhrase => $sPhrase) {
                 $aPhrase = chksql(
                     $this->oDB->getRow("select make_standard_name('".pg_escape_string($sPhrase)."') as string"),
-                    "Cannot nomralize query string (is it an UTF-8 string?)"
+                    "Cannot normalize query string (is it a UTF-8 string?)"
                 );
                 if (trim($aPhrase['string'])) {
                     $aPhrases[$iPhrase] = $aPhrase;