From: Jan Szejko Date: Tue, 30 Jan 2018 09:38:44 +0000 (+0100) Subject: fix for wannabe hackers X-Git-Url: https://git.mdrn.pl/edumed.git/commitdiff_plain/cc3068f96f0b76891ef5b005a352b4a328e0cb33 fix for wannabe hackers --- diff --git a/stage2/forms.py b/stage2/forms.py index ee25a03..b1bcac9 100644 --- a/stage2/forms.py +++ b/stage2/forms.py @@ -59,7 +59,10 @@ class AssignmentFieldForm(forms.Form): if self.type == 'options': value = self.cleaned_data['value'] if value: - option = FieldOption.objects.get(id=int(value)) + try: + option = FieldOption.objects.get(id=int(value)) + except (FieldOption.DoesNotExist, ValueError): + raise forms.ValidationError(u'Nieprawidłowa wartość.') if option.answer != self.answer and option.answer is not None: raise forms.ValidationError(u'Ta opcja została już wybrana przez kogoś innego.') return option