From: Jan Szejko <janek37@gmail.com>
Date: Tue, 30 Jan 2018 09:38:44 +0000 (+0100)
Subject: fix for wannabe hackers
X-Git-Url: https://git.mdrn.pl/edumed.git/commitdiff_plain/cc3068f96f0b76891ef5b005a352b4a328e0cb33

fix for wannabe hackers
---

diff --git a/stage2/forms.py b/stage2/forms.py
index ee25a03..b1bcac9 100644
--- a/stage2/forms.py
+++ b/stage2/forms.py
@@ -59,7 +59,10 @@ class AssignmentFieldForm(forms.Form):
         if self.type == 'options':
             value = self.cleaned_data['value']
             if value:
-                option = FieldOption.objects.get(id=int(value))
+                try:
+                    option = FieldOption.objects.get(id=int(value))
+                except (FieldOption.DoesNotExist, ValueError):
+                    raise forms.ValidationError(u'Nieprawidłowa wartość.')
                 if option.answer != self.answer and option.answer is not None:
                     raise forms.ValidationError(u'Ta opcja została już wybrana przez kogoś innego.')
                 return option