fnp / edumed.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix for wannabe hackers
[edumed.git] / stage2 / forms.py
diff --git a/stage2/forms.py b/stage2/forms.py
index b956a23..b1bcac9 100644 (file)
--- a/stage2/forms.py
+++ b/stage2/forms.py
@@ -59,7 +59,10 @@ class AssignmentFieldForm(forms.Form):
         if self.type == 'options':
             value = self.cleaned_data['value']
             if value:
-                option = FieldOption.objects.get(id=int(value))
+                try:
+                    option = FieldOption.objects.get(id=int(value))
+                except (FieldOption.DoesNotExist, ValueError):
+                    raise forms.ValidationError(u'Nieprawidłowa wartość.')
                 if option.answer != self.answer and option.answer is not None:
                     raise forms.ValidationError(u'Ta opcja została już wybrana przez kogoś innego.')
                 return option
@@ -80,8 +83,8 @@ class AssignmentFieldForm(forms.Form):
                     option.save()
             else:
                 for opt in self.answer.fieldoption_set.all():
-                        opt.answer = None
-                        opt.save()
+                    opt.answer = None
+                    opt.save()
         else:
             self.answer.field_values[self.label] = value
             self.answer.save()