X-Git-Url: https://git.openstreetmap.org./nominatim.git/blobdiff_plain/b17019a21cb0d1213d9eb05a5aa266bb9b3522d6..3c0df661654432a34ad562f80fc0bc66cfb9de0c:/lib/lib.php?ds=sidebyside

diff --git a/lib/lib.php b/lib/lib.php
index a749cb6b..3a6166a6 100644
--- a/lib/lib.php
+++ b/lib/lib.php
@@ -61,23 +61,26 @@ function byImportance($a, $b)
 
 function javascript_renderData($xVal, $iOptions = 0)
 {
-    $iOptions |= JSON_UNESCAPED_UNICODE;
+    $sCallback = isset($_GET['json_callback']) ? $_GET['json_callback'] : '';
+    if ($sCallback && !preg_match('/^[$_\p{L}][$_\p{L}\p{Nd}.[\]]*$/u', $sCallback)) {
+        // Unset, we call javascript_renderData again during exception handling
+        unset($_GET['json_callback']);
+        throw new Exception('Invalid json_callback value', 400);
+    }
+
+    $iOptions |= JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES;
     if (isset($_GET['pretty']) && in_array(strtolower($_GET['pretty']), array('1', 'true'))) {
         $iOptions |= JSON_PRETTY_PRINT;
     }
 
     $jsonout = json_encode($xVal, $iOptions);
 
-    if (!isset($_GET['json_callback'])) {
+    if ($sCallback) {
+        header('Content-Type: application/javascript; charset=UTF-8');
+        echo $_GET['json_callback'].'('.$jsonout.')';
+    } else {
         header('Content-Type: application/json; charset=UTF-8');
         echo $jsonout;
-    } else {
-        if (preg_match('/^[$_\p{L}][$_\p{L}\p{Nd}.[\]]*$/u', $_GET['json_callback'])) {
-            header('Content-Type: application/javascript; charset=UTF-8');
-            echo $_GET['json_callback'].'('.$jsonout.')';
-        } else {
-            header('HTTP/1.0 400 Bad Request');
-        }
     }
 }
 
@@ -174,10 +177,10 @@ function geometryText2Points($geometry_as_text, $fRadius)
         //
         preg_match_all('/(-?[0-9.]+) (-?[0-9.]+)/', $aMatch[1], $aPolyPoints, PREG_SET_ORDER);
         //
-    } elseif (preg_match('#MULTIPOLYGON\\(\\(\\(([- 0-9.,]+)#', $geometry_as_text, $aMatch)) {
+/*    } elseif (preg_match('#MULTIPOLYGON\\(\\(\\(([- 0-9.,]+)#', $geometry_as_text, $aMatch)) {
         //
         preg_match_all('/(-?[0-9.]+) (-?[0-9.]+)/', $aMatch[1], $aPolyPoints, PREG_SET_ORDER);
-        //
+        */
     } elseif (preg_match('#POINT\\((-?[0-9.]+) (-?[0-9.]+)\\)#', $geometry_as_text, $aMatch)) {
         //
         $aPolyPoints = createPointsAroundCenter($aMatch[1], $aMatch[2], $fRadius);