Diffstat (limited to '')
| -rw-r--r-- | internal/image/handler.go | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/internal/image/handler.go b/internal/image/handler.go
index 2db4c40..f41ed4d 100644
--- a/internal/image/handler.go
+++ b/internal/image/handler.go
@@ -2,6 +2,7 @@ package image
 
 import (
 "fmt"
+ "html/template"
 "io/ioutil"
 "log"
 "net/http"
@@ -40,9 +41,13 @@ func (h *imageHandler) GetImage(w http.ResponseWriter, r *http.Request) {
 }
 fileUrl := fmt.Sprintf("/f/%s", fileMeta.FilePath)
 data := struct {
- ImageUrl string
+ ImageUrl string
+ ImageTitle string
+ ImageDesc string
 }{
 fileUrl,
+ fileMeta.Title,
+ fileMeta.Desc,
 }
 h.service.Render(w, "image.tmpl", data)
 }
@@ -79,7 +84,30 @@ func (h *imageHandler) PostImage(w http.ResponseWriter, r *http.Request) {
 w.Write([]byte("Incorrect Content Type"))
 return
 }
- fileName, fileID, err := h.service.AddFile(extension, fileType, fileBytes)
+ formData := r.PostForm
+ rawPostTitle := formData.Get("title")
+ rawPostDesc := formData.Get("desc")
+ postTitle := template.HTMLEscapeString(rawPostTitle)
+ postDesc := template.HTMLEscapeString(rawPostDesc)
+
+ if len(rawPostDesc) != len(postDesc) {
+ log.Printf("description not clean")
+ w.WriteHeader(400)
+ w.Write([]byte("Incorrect Content Type"))
+ return
+ }
+ if len(rawPostTitle) != len(postTitle) {
+ log.Printf("invalid title")
+ w.WriteHeader(400)
+ w.Write([]byte("Invalid image meta data"))
+ return
+ }
+ postMeta := &PostMeta{
+ MimeType: fileType,
+ Title: postTitle,
+ Desc: postDesc,
+ }
+ fileName, fileID, err := h.service.AddFile(extension, postMeta, fileBytes)
 if err != nil {
 log.Printf("failed to write file")
 w.WriteHeader(500) |
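Review bot: `ImageTitle` and `ImageDesc` carry user-submitted text into `image.tmpl`, and nothing in the GetImage hunk shows which template package `h.service.Render` uses; the values are only escaped on output if that template is parsed with `html/template`. Any stored record that did not pass through the PostImage check reaches the page without it, so the template's own escaping has to be the control that holds. A comment above `data` such as `// Title and Desc are user-supplied; image.tmpl must be an html/template so they are escaped on output` would record that requirement. The struct literal is also positional, so keyed fields (`ImageUrl: fileUrl, ImageTitle: fileMeta.Title, ImageDesc: fileMeta.Desc`) would keep a later field addition from silently shifting values. GetImage starts above the hunk.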
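Review bot: The description-rejection branch in PostImage answers with `Incorrect Content Type`, copied from the content-type check above it, so a client cannot tell a rejected description from a rejected upload; it should send `w.Write([]byte("Invalid image meta data"))` like the title branch. Comparing `len(raw)` with `len(template.HTMLEscapeString(raw))` acts as a denylist for `<`, `>`, `&`, `'`, `"` and NUL, which also refuses ordinary titles that contain an apostrophe or ampersand, and it puts no upper bound on either field. A length cap at this point, with escaping left to the template at output time, would be the more usual split. `r.PostForm` is only populated once the form has been parsed, which presumably happens earlier in PostImage outside this hunk; if it does not, `r.PostFormValue("title")` parses on demand. The function body starts and ends outside the hunk.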