--- ktorrent-3.1.3/plugins/webinterface/httpserver.cpp	2008-10-06 18:43:01.000000000 +0200
+++ ktorrent-3.1.4/plugins/webinterface/httpserver.cpp	2008-10-19 12:23:34.000000000 +0200
@@ -450,9 +450,17 @@
 	void HttpServer::handleTorrentPost(HttpClientHandler* hdlr,const QHttpRequestHeader & hdr,const QByteArray & data)
 	{
 		const char* ptr = data.data();
-		Uint32 len = data.size();
+		int len = data.size();
 		int pos = QString(data).indexOf("\r\n\r\n");
 		
+		if (!session.logged_in || !checkSession(hdr))
+		{
+			// You can't post torrents if you are not logged in
+			// or the session is not OK
+			redirectToLoginPage(hdlr);
+			return;
+		}
+		
 		if (pos == -1 || pos + 4 >= len)
 		{
 			HttpResponseHeader rhdr(500);