Is there a way we can check if a certain file being uploaded is really
what it claims to be?
Let's say I want to restrict files to PDF only, then I take a php
script and I rename it PDF I can still upload it if using the
following custom FileField that I just worked out yesterday:
from django.db.models import FileField
from django.forms import forms
from django.template.defaultfilters import filesizeformat
from django.utils.translation import ugettext_lazy as _
class ContentTypeRestrictedFileField(FileField):
"""
Same as forms.FileField, but you can specify a content_type and
max_upload_size.
"""
def __init__(self, *args, **kwargs):
self.content_types = kwargs.pop("content_types")
self.max_upload_size = kwargs.pop("max_upload_size")
super(ContentTypeRestrictedFileField, self).__init__(*args,
**kwargs)
def clean(self, *args, **kwargs):
data = super(ContentTypeRestrictedFileField,
self).clean(*args, **kwargs)
file = data.file
content_type = file.content_type
if content_type in self.content_types:
if file._size > self.max_upload_size:
raise forms.ValidationError(_('Please keep filesize
under %s. Current filesize %s') %
(filesizeformat(self.max_upload_size), filesizeformat(file._size)))
else:
raise forms.ValidationError(_('The only filetype allowed
is PDF.'))
return data
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
