Some interesting examples on how to handle file uploads using Django:

  • Code snippet posted on Djangosnippets. The file is saved by declaring a save() method in the form class. This method is invoked when calling form.save(), which is standard Django newforms practice. (Note that this snipped uses clean_data. As of Django version 0.96, clean_data has been renamed to cleaned_data, so you will have to change the code or it won’t work)
  • Django image upload and validation. The author uses a model for the file and its related data. The uploaded file is saved by calling the save_FOO_file method. (This method is automatically provided by Django for fields declared as models.ImageField or models.FileField in the model. See the db-api documentation.)
  • Django image upload, form_for_instance and monkey-patching. The example code creates a form class from request.user by calling form_for_instance.
    The resulting class in then monkey-patched to insert the avatar image
    validation code. (Although the code is interesting the monkey patch
    seems unnecessary. I wouldn’t mind inserting the avatar validation
    method in a UserProfileForm class derived from form.Forms. The code would be certainly clearer: I think KISS takes precedence over DRY in this case.)

Interesting, there seems to be no easy way of limiting the uploaded
file size. The file can be rejected at validation time, but the data
would have already been transfered.

A file upload recipe

After reading those posts, I think that a good recipe for handling file uploads in Django would be:

  • Write a django model for the uploaded file and its related data.
    Using a Django model makes sense, because it is usually necessary for
    the application to keep track of the uploaded files.
  • Write a subclass of form.Forms and declare a clean_FOO method for each models.FileInput or models.ImageInput fields declared in the model class. These clean_FOO methods are used to validate the uploaded files.
  • use a django view to receive the POST data, or display the form if no data is posted or errors are found.
  • validate the uploaded file or files by triggering the standard django newforms validation mechanism: is_valid().
  • save the file or files getting the data directly from the request.FILES object, by writing a save() method for the subclassed form or by calling save_FOO_file for the model instance.

A simpler way to upload a file

The following short Django
example uses no data models, does no data validation, and saves the
file directly to disk using python standard file functions. It is just
a simple test I wrote to get familiar with the request.FILES object. This is not production code: it could be used to execute an arbitrary script on the server.
The directory where the file is to be saved must be writable by the
user that is running the Django server script. (The example uses
MEDIA_ROOT as defined in settings.py.)

file: views.py

  1. from django import http
  2. from django import newforms as forms
  3. from django.shortcuts import render_to_response
  4. from djangotest.settings import MEDIA_ROOT
  5. class SimpleFileForm(forms.Form):
  6. file = forms.Field(widget=forms.FileInput, required=False)
  7. def directupload(request):
  8. “””
  9. Saves the file directly from the request object.
  10. Disclaimer: This is code is just an example, and should
  11. not be used on a real website. It does not validate
  12. file uploaded: it could be used to execute an
  13. arbitrary script on the server.
  14. “””
  15. template = ‘fileupload.html’
  16. if request[‘method’] == ‘POST’:
  17. if ‘file’ in request.FILES:
  18. file = request.FILES[‘file’]
  19. # Other data on the request.FILES dictionary:
  20. # filesize = len(file[‘content’])
  21. # filetype = file[‘content-type’]
  22. filename = file[‘filename’]
  23. fd = open(‘%s/%s’ % (MEDIA_ROOT, filename), ‘wb’)
  24. fd.write(file[‘content’])
  25. fd.close()
  26. return http.HttpResponseRedirect(‘ upload_success.html’)
  27. else:
  28. # display the form
  29. form = SimpleFileForm()
  30. return render_to_response(template, { ‘form’: form })

file: fileupload.html

  1. {% extends “base.html” %}
  2. {% block body %}
  3. Upload a file

  4. {{ form }}
  5. {% endblock %}

Leave a Reply

电子邮件地址不会被公开。 必填项已用*标注