adding a form on the edit article pages that allows you to add an image attachment...

[mir.git] / source / mircoders / servlet / ServletModuleContent.java

diff --git a/source/mircoders/servlet/ServletModuleContent.java b/source/mircoders/servlet/ServletModuleContent.java
index 6955e26..afba80c 100755 (executable)
--- a/source/mircoders/servlet/ServletModuleContent.java
+++ b/source/mircoders/servlet/ServletModuleContent.java
@@ -176,10 +176,19 @@ public class ServletModuleContent extends ServletModule {
   public void attach(HttpServletRequest aRequest, HttpServletResponse aResponse) throws ServletModuleExc {
     String  mediaIdParam = aRequest.getParameter("mid");
     String  articleId = aRequest.getParameter("articleid");
-
     if (articleId == null || mediaIdParam==null)
       throw new ServletModuleExc("smod content :: attach :: articleid/mid missing");
-
+    // check if mediaIdParam and articleid are correct integers
+    try
+    {
+      Integer.parseInt(mediaIdParam);
+      Integer.parseInt(articleId);
+    }
+    catch(NumberFormatException e)
+    {
+      throw new ServletModuleExc("smod content :: attach :: invalid articleid/mid");
+    }
+    
     if (!MirGlobal.accessControl().article().mayEditArticle(ServletHelper.getUser(aRequest), articleId))
       throw new ServletModuleExc("Article has been locked");