don't crash on unknown api method

diff --git a/src/imagestore/Autoloader.php b/src/imagestore/Autoloader.php
index cde5c891cec10b9e5cada0419d311abb8537c814..5d877ba1ad5b74e9353634cbe1d74dfac55915a9 100644 (file)
--- a/src/imagestore/Autoloader.php
+++ b/src/imagestore/Autoloader.php
@@ -5,7 +5,9 @@ class Autoloader
     public static function load($class)
     {
         $file = str_replace(array('_', '\\'), '/', $class) . '.php';
-        include_once $file;
+        if (stream_resolve_include_path($file)) {
+            include_once $file;
+        }
     }
 
     public static function register()

diff --git a/src/imagestore/Controller/Api.php b/src/imagestore/Controller/Api.php
index 91e4373b4a5a9841d572e98d7c745cc942d3711b..fe0d2d93a53ff2ce69a727d18e99a176b685a989 100644 (file)
--- a/src/imagestore/Controller/Api.php
+++ b/src/imagestore/Controller/Api.php
@@ -1,12 +1,12 @@
 <?php
 namespace imagestore;
 
-class Controller_Api
+class Controller_Api extends Controller_Base
 {
     public function handle($uri)
     {
         if (substr($uri, 0, 3) != 'v1/') {
-            $this->error(404, 'Only API v1 supported');
+            return $this->error(404, 'Only API v1 supported');
         }
 
         $rest = substr($uri, 3);
@@ -14,6 +14,10 @@ class Controller_Api
         $actionName = $parts[0];
         $class = 'imagestore\Controller_Api_' . ucfirst($actionName);
 
+        if (!class_exists($class)) {
+            return $this->error(404, 'API method not supported');
+        }
+
         $action = new $class();
         $action->handle(substr($rest, strlen($parts[0]) + 1));
     }