Use check_file_field in pwg_images_addSimple.

author Elrond <elrond+mediagoblin.org@samba-tng.org>

Fri, 22 Mar 2013 15:07:07 +0000 (16:07 +0100)

committer Elrond <elrond+mediagoblin.org@samba-tng.org>

Thu, 18 Apr 2013 14:14:16 +0000 (16:14 +0200)
author Elrond <elrond+mediagoblin.org@samba-tng.org>
Fri, 22 Mar 2013 15:07:07 +0000 (16:07 +0100)
committer Elrond <elrond+mediagoblin.org@samba-tng.org>
Thu, 18 Apr 2013 14:14:16 +0000 (16:14 +0200)
diff --git a/mediagoblin/plugins/piwigo/views.py b/mediagoblin/plugins/piwigo/views.py

index 3dee09cda4e99e835a63b7af08f463442374d445..26e5019a5d544df6b269af5e89d4e5eb334256fd 100644 (file)
--- a/mediagoblin/plugins/piwigo/views.py
+++ b/mediagoblin/plugins/piwigo/views.py
@@ -23,6 +23,7 @@ from werkzeug.wrappers import BaseResponse
  from mediagoblin import mg_globals
  from mediagoblin.meddleware.csrf import csrf_exempt
  from mediagoblin.tools.response import render_404
+from mediagoblin.submit.lib import check_file_field
  from .tools import CmdTable, PwgNamedArray, response_xml
  from .forms import AddSimpleForm
  
@@ -92,6 +93,9 @@ def pwg_images_addSimple(request):
          dump.append("%s=%r" % (f.name, f.data))
      _log.info("addimple: %r %s %r", request.form, " ".join(dump), request.files)
  
+    if not check_file_field(request, 'image'):
+        raise BadRequest()
+
      return {'image_id': 123456, 'url': ''}
author	Elrond <elrond+mediagoblin.org@samba-tng.org>
	Fri, 22 Mar 2013 15:07:07 +0000 (16:07 +0100)
committer	Elrond <elrond+mediagoblin.org@samba-tng.org>
	Thu, 18 Apr 2013 14:14:16 +0000 (16:14 +0200)