In order to prevent SQL injections and , reveal information about the database tables avoid passing MySQL functions as GQL sorting parameters, I refactored the FormatSQL() function.
Additionally, the old approach with using regex to filter the orderBy parameter was not effective and prevented using column.table annotations.
- Added favorites toggle on both Album and Photos page
- When the favorites are viewed, the URL changes
- Removed unused variable activeImage
- Added match.params propTypes to AlbumPage component
To prepare for video support
Migrate database rename tables and columns:
- photo to media
- photo_url to media_url
- photo_exif to media_exif
- Update api accordingly