Detect accesses to admin functions by guests.

This commit detects accesses to admin functions when the user is a guest
and returns a corresponding error. This is now used to redirect the user
to the start page instead of "non-existing function". It has the
advantage that a bug in Lychee, that causes a non-existing function
to be called, can be spotted easier.

php/Access/Guest.php

@@ -34,12 +34,43 @@ final class Guest extends Access {
 			case 'Album::getArchive': self::getAlbumArchiveAction(); break;
 			case 'Photo::getArchive': self::getPhotoArchiveAction(); break;
 
+			// Admin functions
+			case 'Album::add':
+			case 'Album::setTitle':
+			case 'Album::setDescription':
+			case 'Album::setPublic':
+			case 'Album::delete':
+			case 'Album::merge':
+			case 'Photo::setTitle':
+			case 'Photo::setDescription':
+			case 'Photo::setStar':
+			case 'Photo::setPublic':
+			case 'Photo::setAlbum':
+			case 'Photo::setTags':
+			case 'Photo::duplicate':
+			case 'Photo::delete':
+			case 'Photo::add':
+			case 'Import::url':
+			case 'Import::server':
+			case 'search':
+			case 'Settings::setLogin':
+			case 'Settings::setSorting':
+			case 'Settings::setDropboxKey':
+				self::adminAction();
+				break;
+
 		}
 
 		self::fnNotFound();
 
 	}
 
+	private static function adminAction() {
+
+		Response::error('Function not available for guests.');
+
+	}
+
 	// Albums functions
 
 	private static function getAlbumsAction() {

src/scripts/lychee.js

@@ -424,8 +424,8 @@ lychee.html = function(literalSections, ...substs) {
 
 lychee.error = function(errorThrown, params, data) {
 
-	// if the requested function was not found, our cookie has probably expired
+	// in this case, our cookie has probably expired
-	if (data.startsWith('Error: Function not found!')) {
+	if (data.startsWith('Error: Function not available for guests.')) {
 		lychee.restart()
 		return
 	}