fixed an exception with bad data on comment delete

1 files changed, 11 insertions, 2 deletions

diff --git a/askbot/views/writers.py b/askbot/views/writers.py
index 8c421fb7..b9e637ad 100644
--- a/askbot/views/writers.py
+++ b/askbot/views/writers.py
@@ -17,7 +17,11 @@ from django.shortcuts import get_object_or_404
 from django.shortcuts import render
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth.models import User
-from django.http import HttpResponseRedirect, HttpResponse, HttpResponseForbidden, Http404
+from django.http import HttpResponse
+from django.http import HttpResponseBadRequest
+from django.http import HttpResponseForbidden
+from django.http import HttpResponseRedirect
+from django.http import Http404
 from django.utils import simplejson
 from django.utils.html import strip_tags, escape
 from django.utils.translation import get_language
@@ -714,7 +718,12 @@ def delete_comment(request):
             raise exceptions.PermissionDenied(msg)
         if request.is_ajax():
 
-            comment_id = request.POST['comment_id']
+            form = forms.DeleteCommentForm(request.POST)
+
+            if form.is_valid() == False:
+                return HttpResponseBadRequest()
+
+            comment_id = form.cleaned_data['comment_id']
             comment = get_object_or_404(models.Post, post_type='comment', id=comment_id)
             request.user.assert_can_delete_comment(comment)