X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/0c383eee5badf7fef3dbc643fae017d98e726750..refs/pull/780/head:/app/Http/Controllers/ImageController.php

diff --git a/app/Http/Controllers/ImageController.php b/app/Http/Controllers/ImageController.php
index c44b6e480..8437c80d7 100644
--- a/app/Http/Controllers/ImageController.php
+++ b/app/Http/Controllers/ImageController.php
@@ -63,14 +63,14 @@ class ImageController extends Controller
      * @param Request $request
      * @return mixed
      */
-    public function searchByType($type, $page = 0, Request $request)
+    public function searchByType(Request $request, $type, $page = 0)
     {
         $this->validate($request, [
             'term' => 'required|string'
         ]);
 
         $searchTerm = $request->get('term');
-        $imgData = $this->imageRepo->searchPaginatedByType($type, $page, 24, $searchTerm);
+        $imgData = $this->imageRepo->searchPaginatedByType($type, $searchTerm, $page, 24);
         return response()->json($imgData);
     }
 
@@ -92,17 +92,19 @@ class ImageController extends Controller
      * @param Request $request
      * @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\JsonResponse|\Symfony\Component\HttpFoundation\Response
      */
-    public function getGalleryFiltered($filter, $page = 0, Request $request)
+    public function getGalleryFiltered(Request $request, $filter, $page = 0)
     {
         $this->validate($request, [
             'page_id' => 'required|integer'
         ]);
 
         $validFilters = collect(['page', 'book']);
-        if (!$validFilters->contains($filter)) return response('Invalid filter', 500);
+        if (!$validFilters->contains($filter)) {
+            return response('Invalid filter', 500);
+        }
 
         $pageId = $request->get('page_id');
-        $imgData = $this->imageRepo->getGalleryFiltered($page, 24, strtolower($filter), $pageId);
+        $imgData = $this->imageRepo->getGalleryFiltered(strtolower($filter), $pageId, $page, 24);
 
         return response()->json($imgData);
     }
@@ -120,7 +122,10 @@ class ImageController extends Controller
         $this->validate($request, [
             'file' => 'is_image'
         ]);
-        // TODO - Restrict & validate types
+
+        if (!$this->imageRepo->isValidType($type)) {
+            return $this->jsonError(trans('errors.image_upload_type_error'));
+        }
 
         $imageUpload = $request->file('file');
 
@@ -131,6 +136,7 @@ class ImageController extends Controller
             return response($e->getMessage(), 500);
         }
 
+
         return response()->json($image);
     }
 
@@ -262,6 +268,4 @@ class ImageController extends Controller
         $this->imageRepo->destroyImage($image);
         return response()->json(trans('components.images_deleted'));
     }
-
-
 }