@@ -50,10 +50,12 @@ class Deleter(webapp.RequestHandler): "Delete a given image" # we get the user as you can only delete your own images user = users.get_current_user() - image = db.get(self.request.get("key")) - # check that we own this image - if image.user == user: - image.delete() + key = self.request.get("key") + if key: + image = db.get() + # check that we own this image + if image.user == user: + image.delete() # whatever happens rediect back to the main admin view self.redirect('/') @@ -62,6 +64,14 @@ class Uploader(webapp.RequestHandler): def post(self): "Upload via a multitype POST message" + img = self.request.get("img") + + # if we don't have image data we'll quit now + if not img: + self.redirect('/') + return + + # we have image data try: # check we have numerical width and height values width = int(self.request.get("width")) @@ -69,16 +79,16 @@ class Uploader(webapp.RequestHandler): except ValueError: # if we don't have valid width and height values # then just use the original image - image_content = self.request.get("img") + image_content = img else: # if we have valid width and height values # then resize according to those values - image_content = images.resize(self.request.get("img"), width, height) + image_content = images.resize(img, width, height) # get the image data from the form - original_content = self.request.get("img") + original_content = img # always generate a thumbnail for use on the admin page - thumb_content = images.resize(self.request.get("img"), 100, 100) + thumb_content = images.resize(img, 100, 100) # create the image object image = Image() backend.py @@ -20,8 +20,16 @@ class GenericServer(webapp.RequestHandler): property = 'image' def get(self): # key is provided in the query string - image = db.get(self.request.get("id")) - if image.image: + img = self.request.get("id") + try: + # it might be an invalid key so we better check + image = db.get(img) + except db.BadKeyError: + # if it is then return a 404 + self.error(404) + return + + if image and image.image: # we have an image so prepare the response # with the relevant headers self.response.headers['Content-Type'] = "image/png" frontend.py 685bd01063774f904b7eb45f8d8906971a2cd292 Gareth Rushgrove gareth@morethanseven.net http://github.com/garethr/appengine-image-host/commit/504cd4393d865917f92d4fa6162d4876900b786d 504cd4393d865917f92d4fa6162d4876900b786d 2009-02-05T13:35:30-08:00 2009-02-05T13:35:30-08:00 fixed bugs from not checking if request parameters where set d7eecdd7953612b88ff5ce1bed7e16bb7b949d8f Gareth Rushgrove gareth@morethanseven.net