diff options
| author | sostler <sbostler@gmail.com> | 2010-04-14 09:15:08 -0400 |
|---|---|---|
| committer | sostler <sbostler@gmail.com> | 2010-04-14 09:15:08 -0400 |
| commit | f8e7c8cde1bde9dfac0a8245ba9b6e6d37e9d7b0 (patch) | |
| tree | aeaac0dcb44e70898cc9e7985a276c64fd793460 /src | |
| parent | 6fdfc1fd9577e6a1415241b43ee0d6354a155933 (diff) | |
Rewrote upload validation
Diffstat (limited to 'src')
| -rw-r--r-- | src/site.clj | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/src/site.clj b/src/site.clj index ca8bc9d..bd385c3 100644 --- a/src/site.clj +++ b/src/site.clj @@ -886,15 +886,16 @@ (let [room-key (params :room) nick (session :nick) user-id (session :user_id) + image (params :image) mute ((poll *active-mutes*) user-id) - image (params :image)] + has-access (validate-room-access room-key session)] ; --TODO-- ; Because ajaxupload.js doesn't feature an error-handler, ; all responses not equal to "OK" signal errors. - (cond (not nick) (resp-success "NOT_LOGGED_IN") - (not image) (resp-success "INVALID_REQUEST") - mute (resp-success (format-mute mute)) - (not (validate-room-access room-key session)) [200 "UNKNOWN_ROOM"] + (cond (not nick) (resp-success "NOT_LOGGED_IN") + (not image) (resp-success "INVALID_REQUEST") + mute (resp-success (format-mute mute)) + (not has-access) (resp-success "UNKNOWN_ROOM") :else (do-upload session image (lookup-room room-key))))) ;; N.B. -- Upload responses aren't JSON-evaluated |