Redirect to the frontpage rather than error on invalid params

Fixes #1448.
author: Louise Crow <louise.crow@gmail.com> 2014-05-29 10:52:23 +0200
committer: Louise Crow <louise.crow@gmail.com> 2014-06-02 16:58:39 +0100
commit: 21e17c404bfd4ab900045589a751c7010e223609 (patch)
tree: 53d2d6fa5d58e3c6984878aa5ee208733d0b9262 /app/controllers/request_controller.rb
parent: 2273362d91ce5bf9b58748b3917000010b780fc1 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index d66c28275..125791ef8 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -303,6 +303,12 @@ class RequestController < ApplicationController
             return render_new_compose(batch=false)
         end
 
+        # Check we have :public_body_id - spammers seem to be using :public_body
+        # erroneously instead
+        if params[:info_request][:public_body_id].blank?
+          redirect_to frontpage_path && return
+        end
+
         # See if the exact same request has already been submitted
         # XXX this check should theoretically be a validation rule in the
         # model, except we really want to pass @existing_request to the view so
author	Louise Crow <louise.crow@gmail.com>	2014-05-29 10:52:23 +0200
committer	Louise Crow <louise.crow@gmail.com>	2014-06-02 16:58:39 +0100
commit	21e17c404bfd4ab900045589a751c7010e223609 (patch)
tree	53d2d6fa5d58e3c6984878aa5ee208733d0b9262 /app/controllers/request_controller.rb
parent	2273362d91ce5bf9b58748b3917000010b780fc1 (diff)