X-Git-Url: https://git.openstreetmap.org./nominatim.git/blobdiff_plain/44ee8d9ce34a4a60113b6600dcc7b2f5b24c7a0e..7b1f35426dada3eb2d210dfc492e16d2f9a42894:/lib/Geocode.php
diff --git a/lib/Geocode.php b/lib/Geocode.php
index 6bc2c1e6..ec3ce13b 100644
--- a/lib/Geocode.php
+++ b/lib/Geocode.php
@@ -162,7 +162,7 @@ class Geocode
 $this->sViewboxCentreSQL = "ST_SetSRID('LINESTRING(";
 $sSep = '';
- foreach ($this->aRoutePoints as $aPoint) {
+ foreach ($aRoutePoints as $aPoint) {
 $fPoint = (float)$aPoint;
 $this->sViewboxCentreSQL .= $sSep.$fPoint;
 $sSep = ($sSep == ' ') ? ',' : ' ';
@@ -180,6 +180,16 @@ class Geocode
 {
 $this->aViewBox = array_map('floatval', $aViewbox);
+ if ($this->aViewBox[0] < -180
+ || $this->aViewBox[2] > 180
+ || $this->aViewBox[0] >= $this->aViewBox[2]
+ || $this->aViewBox[1] < -90
+ || $this->aViewBox[3] > 90
+ || $this->aViewBox[1] >= $this->aViewBox[3]
+ ) {
+ userError("Bad parameter 'viewbox'. Out of range".$this->aViewBox[0]."|".$this->aViewBox[1]."|".$this->aViewBox[2]."|".$this->aViewBox[3]);
+ }
+
 $fHeight = $this->aViewBox[0] - $this->aViewBox[2];
 $fWidth = $this->aViewBox[1] - $this->aViewBox[3];
 $aBigViewBox[0] = $this->aViewBox[0] + $fHeight;
@@ -252,16 +262,22 @@ class Geocode
 $aCountries[] = strtolower($sCountryCode);
 }
 }
- if (isset($aCountryCodes))
+ if (isset($aCountries))
 $this->aCountryCodes = $aCountries;
 }
 $aViewbox = $oParams->getStringList('viewboxlbrt');
 if ($aViewbox) {
+ if (count($aViewbox) != 4) {
+ userError("Bad parmater 'viewbox'. Expected 4 coordinates.");
+ }
 $this->setViewbox($aViewbox);
 } else {
 $aViewbox = $oParams->getStringList('viewbox');
 if ($aViewbox) {
+ if (count($aViewbox) != 4) {
+ userError("Bad parmater 'viewbox'. Expected 4 coordinates.");
+ }
 $this->setViewBox(array(
 $aViewbox[0],
 $aViewbox[3],
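Review bot: In the hunk at `@@ -180,6 +180,16 @@`, the new out-of-range message runs the first coordinate straight into the text (it renders as `Out of range-190|…`), because the literal ends without a separator. `userError("Bad parameter 'viewbox'. Out of range: ".implode('|', $this->aViewBox));` reads better and stays safe to echo, since every element has already been through `floatval`. The property is also assigned before it is validated; if `userError()` can return rather than terminate (its definition is not visible here), the object keeps the rejected box, so checking a local copy first would be more robust. The function's signature and the rest of its body are outside the hunk.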
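Review bot: Both added messages in the hunk at `@@ -252,16 +262,22 @@` misspell "parameter" (`Bad parmater 'viewbox'`), and the same three-line count check is duplicated for `viewboxlbrt` and `viewbox`. Since `setViewbox()` is the code that indexes elements 0 to 3, the check belongs there as its first statement, `if (count($aViewbox) != 4) { userError("Bad parameter 'viewbox'. Expected 4 coordinates."); }`, so any other caller is covered too. The check also only counts items: a non-numeric or empty item silently becomes 0.0 through `floatval` in `setViewbox()` and can still pass the range test, so an `is_numeric` test per item would reject such input explicitly. The enclosing function starts and ends outside the hunk.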
@@ -756,6 +772,9 @@ class Geocode
 }
 $sQuery = $this->sQuery;
+ if (!preg_match('//u', $sQuery)) {
+ userError("Query string is not UTF-8 encoded.");
+ }
 // Conflicts between US state abreviations and various words for 'the' in different languages
 if (isset($this->aLangPrefOrder['name:en'])) {
@@ -880,7 +899,7 @@ class Geocode
 foreach ($aPhrases as $iPhrase => $sPhrase) {
 $aPhrase = chksql(
 $this->oDB->getRow("select make_standard_name('".pg_escape_string($sPhrase)."') as string"),
- "Cannot nomralize query string (is it an UTF-8 string?)"
+ "Cannot normalize query string (is it a UTF-8 string?)"
 );
 if (trim($aPhrase['string'])) {
 $aPhrases[$iPhrase] = $aPhrase;
@@ -1467,7 +1486,7 @@ class Geocode
 }
 } else {
 // Just interpret as a reverse geocode
- $oReverse = new Nominatim\ReverseGeocode($this->oDB);
+ $oReverse = new ReverseGeocode($this->oDB);
 $oReverse->setZoom(18);
 $aLookup = $oReverse->lookup(
@@ -1480,6 +1499,7 @@ class Geocode
 if ($aLookup['place_id']) {
 $aSearchResults = $this->getDetails(array($aLookup['place_id'] => -1));
+ $aResultPlaceIDs[$aLookup['place_id']] = -1;
 } else {
 $aSearchResults = array();
 }
@@ -1551,7 +1571,7 @@ class Geocode
 // getAddressDetails() is defined in lib.php and uses the SQL function get_addressdata in functions.sql
 $aResult['address'] = getAddressDetails($this->oDB, $sLanguagePrefArraySQL, $aResult['place_id'], $aResult['country_code'], $aResultPlaceIDs[$aResult['place_id']]);
 if ($aResult['extra_place'] == 'city' && !isset($aResult['address']['city'])) {
- $aResult['address'] = array_merge(array('city' => array_shift(array_values($aResult['address']))), $aResult['address']);
+ $aResult['address'] = array_merge(array('city' => array_values($aResult['address'])[0]), $aResult['address']);
 }
 }
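Review bot: The `preg_match('//u', $sQuery)` test in the hunk at `@@ -756,6 +772,9 @@` is a non-obvious idiom and should carry a comment, for example `// preg_match() with the /u modifier returns false when the subject is not valid UTF-8.` The check is also a useful guard in its own right: phrases from this query are later concatenated into the `make_standard_name(...)` SQL call visible in the hunk at `@@ -880,7 +899,7 @@`, so malformed input is now rejected before it reaches the database. Where the mbstring extension is available, `mb_check_encoding($sQuery, 'UTF-8')` states the intent directly. The enclosing function starts and ends outside the hunk.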
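Review bot: In the hunk at `@@ -1551,7 +1571,7 @@`, `array_values($aResult['address'])[0]` raises an undefined-offset notice when `getAddressDetails()` returns an empty array, whereas the old `array_shift(...)` yielded null in that case. Whether an empty address can occur is not visible here; if it can, extend the guard to `if ($aResult['extra_place'] == 'city' && !isset($aResult['address']['city']) && !empty($aResult['address'])) {`. Dereferencing a function result with `[0]` also needs PHP 5.4 or later, which is worth confirming against the project's minimum supported version. The enclosing loop starts and ends outside the hunk.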