X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/9dbe1a497af89d3e53aad1af091d296520a74c6f..349413a520d05cf9c55fe6870de6ea2f933a3248:/app/controllers/swf_controller.rb

diff --git a/app/controllers/swf_controller.rb b/app/controllers/swf_controller.rb
index 9a4516016..94a3f5b4c 100644
--- a/app/controllers/swf_controller.rb
+++ b/app/controllers/swf_controller.rb
@@ -1,5 +1,6 @@
 class SwfController < ApplicationController
-  before_filter :check_availability
+	session :off
+	before_filter :check_availability
 
 # to log:
 # RAILS_DEFAULT_LOGGER.error("Args: #{args[0]}, #{args[1]}, #{args[2]}, #{args[3]}")
@@ -19,10 +20,10 @@ class SwfController < ApplicationController
 		basey		=params['basey'].to_f
 		masterscale	=params['masterscale'].to_f
 	
-		xmin=params['xmin'].to_f; xminr=xmin/0.000001
-		xmax=params['xmax'].to_f; xmaxr=xmax/0.000001
-		ymin=params['ymin'].to_f; yminr=ymin/0.000001
-		ymax=params['ymax'].to_f; ymaxr=ymax/0.000001
+		xmin=params['xmin'].to_f;
+		xmax=params['xmax'].to_f;
+		ymin=params['ymin'].to_f;
+		ymax=params['ymax'].to_f;
 	
 		# -	Begin movie
 	
@@ -45,22 +46,19 @@ class SwfController < ApplicationController
 		lastfile='-1'
 	
 		if params['token']
-			token=sqlescape(params['token'])
+                        user=User.authenticate(:token => params[:token])
 			sql="SELECT gps_points.latitude*0.000001 AS lat,gps_points.longitude*0.000001 AS lon,gpx_files.id AS fileid,UNIX_TIMESTAMP(gps_points.timestamp) AS ts "+
-				 " FROM gpx_files,gps_points,users "+
+				 " FROM gpx_files,gps_points "+
 				 "WHERE gpx_files.id=gpx_id "+
-				 "  AND gpx_files.user_id=users.id "+
-				 "  AND token='#{token}' "+
-				 "  AND (gps_points.longitude BETWEEN #{xminr} AND #{xmaxr}) "+
-				 "  AND (gps_points.latitude BETWEEN #{yminr} AND #{ymaxr}) "+
+				 "  AND gpx_files.user_id=#{user.id} "+
+				 "  AND "+OSM.sql_for_area(ymin,xmin,ymax,xmax,"gps_points.")+
 				 "  AND (gps_points.timestamp IS NOT NULL) "+
 				 "ORDER BY fileid DESC,ts "+
 				 "LIMIT 10000"
 		else
 			sql="SELECT latitude*0.000001 AS lat,longitude*0.000001 AS lon,gpx_id AS fileid,UNIX_TIMESTAMP(timestamp) AS ts "+
 				 " FROM gps_points "+
-				 "WHERE (longitude BETWEEN #{xminr} AND #{xmaxr}) "+
-				 "  AND (latitude  BETWEEN #{yminr} AND #{ymaxr}) "+
+				 "WHERE "+OSM.sql_for_area(ymin,xmin,ymax,xmax,"gps_points.")+
 				 "  AND (gps_points.timestamp IS NOT NULL) "+
 				 "ORDER BY fileid DESC,ts "+
 				 "LIMIT 10000"