From 63660e6083d7ae4a44a33dd99c46253ecea83e40 Mon Sep 17 00:00:00 2001 From: Daniel Schadt Date: Wed, 29 Jun 2022 13:50:45 +0200 Subject: better checking for invalid GPX files --- fietsboek/locale/en/LC_MESSAGES/messages.mo | Bin 3289 -> 3406 bytes fietsboek/locale/en/LC_MESSAGES/messages.po | 14 +++++++++++--- fietsboek/locale/fietslog.pot | 14 +++++++++++--- fietsboek/views/upload.py | 14 +++++++++++++- 4 files changed, 35 insertions(+), 7 deletions(-) diff --git a/fietsboek/locale/en/LC_MESSAGES/messages.mo b/fietsboek/locale/en/LC_MESSAGES/messages.mo index 05007c8..39dad73 100644 Binary files a/fietsboek/locale/en/LC_MESSAGES/messages.mo and b/fietsboek/locale/en/LC_MESSAGES/messages.mo differ diff --git a/fietsboek/locale/en/LC_MESSAGES/messages.po b/fietsboek/locale/en/LC_MESSAGES/messages.po index 4ba489a..695b8ac 100644 --- a/fietsboek/locale/en/LC_MESSAGES/messages.po +++ b/fietsboek/locale/en/LC_MESSAGES/messages.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PROJECT VERSION\n" "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n" -"POT-Creation-Date: 2022-06-29 13:38+0200\n" +"POT-Creation-Date: 2022-06-29 13:48+0200\n" "PO-Revision-Date: 2022-06-28 13:11+0200\n" "Last-Translator: \n" "Language: en\n" @@ -265,11 +265,19 @@ msgstr "You are now logged in" msgid "flash.logged_out" msgstr "You have been logged out" -#: fietsboek/views/upload.py:80 +#: fietsboek/views/upload.py:24 +msgid "flash.no_file_selected" +msgstr "No file selected" + +#: fietsboek/views/upload.py:31 +msgid "flash.invalid_file" +msgstr "Invalid GPX file selected" + +#: fietsboek/views/upload.py:92 msgid "flash.upload_success" msgstr "Upload successful" -#: fietsboek/views/upload.py:91 +#: fietsboek/views/upload.py:103 msgid "flash.upload_cancelled" msgstr "Upload cancelled" diff --git a/fietsboek/locale/fietslog.pot b/fietsboek/locale/fietslog.pot index 0446056..d8e6582 100644 --- a/fietsboek/locale/fietslog.pot +++ b/fietsboek/locale/fietslog.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PROJECT VERSION\n" "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n" -"POT-Creation-Date: 2022-06-29 13:38+0200\n" +"POT-Creation-Date: 2022-06-29 13:48+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -264,11 +264,19 @@ msgstr "" msgid "flash.logged_out" msgstr "" -#: fietsboek/views/upload.py:80 +#: fietsboek/views/upload.py:24 +msgid "flash.no_file_selected" +msgstr "" + +#: fietsboek/views/upload.py:31 +msgid "flash.invalid_file" +msgstr "" + +#: fietsboek/views/upload.py:92 msgid "flash.upload_success" msgstr "" -#: fietsboek/views/upload.py:91 +#: fietsboek/views/upload.py:103 msgid "flash.upload_cancelled" msgstr "" diff --git a/fietsboek/views/upload.py b/fietsboek/views/upload.py index a27d25c..68c2e59 100644 --- a/fietsboek/views/upload.py +++ b/fietsboek/views/upload.py @@ -18,7 +18,19 @@ def upload(request): @view_config(route_name='upload', request_method='POST', permission='upload') def do_upload(request): - gpx = request.POST['gpx'].file.read() + try: + gpx = request.POST['gpx'].file.read() + except AttributeError: + request.session.flash(request.localizer.translate(_('flash.no_file_selected'))) + return HTTPFound(request.route_url('upload')) + + # Before we do anything, we check if we can parse the file + try: + gpxpy.parse(gpx) + except: + request.session.flash(request.localizer.translate(_('flash.invalid_file'))) + return HTTPFound(request.route_url('upload')) + now = datetime.datetime.now() upload = models.Upload( -- cgit v1.2.3