2 files changed, 23 insertions, 2 deletions

diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index 2a917c58..01a9fc8b 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
@@ -61,7 +61,18 @@ class Movies_Controller extends Items_Controller {
     access::required("edit", $movie);
 
     $form = movie::get_edit_form($movie);
-    if ($valid = $form->validate()) {
+    $valid = $form->validate();
+
+    if ($valid) {
+      $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION);
+      $old_ext = pathinfo($photo->name, PATHINFO_EXTENSION);
+      if (strcasecmp($new_ext, $old_ext)) {
+        $form->edit_item->filename->add_error("illegal_extension", 1);
+        $valid = false;
+      }
+    }
+
+    if ($valid) {
       if ($form->edit_item->filename->value != $movie->name ||
           $form->edit_item->slug->value != $movie->slug) {
         // Make sure that there's not a name or slug conflict
diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php
index 81e7519e..fbff53ce 100644
--- a/modules/gallery/controllers/photos.php
+++ b/modules/gallery/controllers/photos.php
@@ -63,7 +63,17 @@ class Photos_Controller extends Items_Controller {
 
     $form = photo::get_edit_form($photo);
     $valid = $form->validate();
-    if ($valid = $form->validate()) {
+
+    if ($valid) {
+      $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION);
+      $old_ext = pathinfo($photo->name, PATHINFO_EXTENSION);
+      if (strcasecmp($new_ext, $old_ext)) {
+        $form->edit_item->filename->add_error("illegal_extension", 1);
+        $valid = false;
+      }
+    }
+
+    if ($valid) {
       if ($form->edit_item->filename->value != $photo->name ||
           $form->edit_item->slug->value != $photo->slug) {
         // Make sure that there's not a name or slug conflict