diff options
| -rw-r--r-- | mediagoblin/plugins/piwigo/views.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/mediagoblin/plugins/piwigo/views.py b/mediagoblin/plugins/piwigo/views.py index 3dee09cd..26e5019a 100644 --- a/mediagoblin/plugins/piwigo/views.py +++ b/mediagoblin/plugins/piwigo/views.py @@ -23,6 +23,7 @@ from werkzeug.wrappers import BaseResponse from mediagoblin import mg_globals from mediagoblin.meddleware.csrf import csrf_exempt from mediagoblin.tools.response import render_404 +from mediagoblin.submit.lib import check_file_field from .tools import CmdTable, PwgNamedArray, response_xml from .forms import AddSimpleForm @@ -92,6 +93,9 @@ def pwg_images_addSimple(request): dump.append("%s=%r" % (f.name, f.data)) _log.info("addimple: %r %s %r", request.form, " ".join(dump), request.files) + if not check_file_field(request, 'image'): + raise BadRequest() + return {'image_id': 123456, 'url': ''} |