diff --git a/app/Http/Controllers/InternalApiController.php b/app/Http/Controllers/InternalApiController.php
index 18556fdc0..e20944f23 100644
--- a/app/Http/Controllers/InternalApiController.php
+++ b/app/Http/Controllers/InternalApiController.php
@@ -23,6 +23,7 @@ use App\Transformer\Api\{
 AccountTransformer,
 StatusTransformer,
 };
+use App\Util\Media\Filter;
 use App\Jobs\StatusPipeline\NewStatusPipeline;
 use League\Fractal\Serializer\ArraySerializer;
 use League\Fractal\Pagination\IlluminatePaginatorAdapter;
@@ -63,7 +64,7 @@ class InternalApiController extends Controller
 if($m->profile_id !== $profile->id || $m->status_id) {
 abort(403, 'Invalid media id');
 }
- $m->filter_class = $media['filter'];
+ $m->filter_class = in_array($media['filter'], Filter::classes()) ? $media['filter'] : null;
 $m->license = $media['license'];
 $m->caption = strip_tags($media['alt']);
 $m->order = isset($media['cursor']) && is_int($media['cursor']) ? (int) $media['cursor'] : $k;
diff --git a/app/Http/Controllers/StatusController.php b/app/Http/Controllers/StatusController.php
index e6ae1647e..a77d6affc 100644
--- a/app/Http/Controllers/StatusController.php
+++ b/app/Http/Controllers/StatusController.php
@@ -16,6 +16,7 @@ use Auth;
 use Cache;
 use Illuminate\Http\Request;
 use League\Fractal;
+use App\Util\Media\Filter;
 class StatusController extends Controller
 {
@@ -151,6 +152,8 @@ class StatusController extends Controller
 if(in_array($v->getMimeType(), $allowedMimes) == false) {
 continue;
 }
+ $filter_class = $request->input('filter_class');
+ $filter_name = $request->input('filter_name');
 $storagePath = "public/m/{$monthHash}/{$userHash}";
 $path = $v->store($storagePath);
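Review bot: The allow-list check on `$media['filter']` in the InternalApiController hunk at -63,7 uses loose comparison, so a non-string JSON value such as `true` (or `0` on PHP 7) compares equal to an entry of `Filter::classes()` and is stored in `filter_class` instead of being replaced by null. Pass the strict flag: `in_array($media['filter'], Filter::classes(), true)`. The same applies to both `in_array` calls in the StatusController hunk at -163,8. `$m->license` on the following line is still written straight from the request; unless it is validated earlier in this method, which starts outside the hunk, it deserves the same allow-list treatment.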
@@ -163,8 +166,9 @@ class StatusController extends Controller
 $media->original_sha256 = $hash;
 $media->size = $v->getSize();
 $media->mime = $v->getMimeType();
- $media->filter_class = $request->input('filter_class');
- $media->filter_name = $request->input('filter_name');
+
+ $media->filter_class = in_array($filter_class, Filter::classes()) ? $filter_class : null;
+ $media->filter_name = in_array($filter_name, Filter::names()) ? $filter_name : null;
 $media->order = $order;
 $media->save();
 array_push($mimes, $media->mime);
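Review bot: `filter_class` and `filter_name` are each checked against their own list here, so a request can still persist the class of one filter next to the name of another. If `App\Util\Media\Filter` keeps a class-to-name mapping (its definition is not part of this diff), validating the two as a pair would keep the columns consistent. A value outside the lists is also silently stored as null, which deserves a comment such as `// Only values known to Filter are persisted; anything else is stored as null.` The enclosing method starts and ends outside the hunk, so any earlier request validation is not visible.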