From f6f557696d1b9b5587513c517d1846f0b91e46cf Mon Sep 17 00:00:00 2001
From: Elrond <elrond+mediagoblin.org@samba-tng.org>
Date: Fri, 22 Mar 2013 16:07:07 +0100
Subject: [PATCH] Use check_file_field in pwg_images_addSimple.

---
 mediagoblin/plugins/piwigo/views.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/mediagoblin/plugins/piwigo/views.py b/mediagoblin/plugins/piwigo/views.py
index 3dee09cd..26e5019a 100644
--- a/mediagoblin/plugins/piwigo/views.py
+++ b/mediagoblin/plugins/piwigo/views.py
@@ -23,6 +23,7 @@ from werkzeug.wrappers import BaseResponse
 from mediagoblin import mg_globals
 from mediagoblin.meddleware.csrf import csrf_exempt
 from mediagoblin.tools.response import render_404
+from mediagoblin.submit.lib import check_file_field
 from .tools import CmdTable, PwgNamedArray, response_xml
 from .forms import AddSimpleForm
 
@@ -92,6 +93,9 @@ def pwg_images_addSimple(request):
         dump.append("%s=%r" % (f.name, f.data))
     _log.info("addimple: %r %s %r", request.form, " ".join(dump), request.files)
 
+    if not check_file_field(request, 'image'):
+        raise BadRequest()
+
     return {'image_id': 123456, 'url': ''}