Validation is a big subject, and the validation of files can be very complex aswell. Anyways to validate you need to define a clean method in your form. Here you put the code that can test things like file types, and whatever you can think of using python. I can't get you the link as I'm not at my laptop, but if you search the django docs for "form validation" "clean" or "cleaned_data" you should be able to find the right doc. You want to read about the clean method an is_valid().
On 20 Feb., 22:09, Michael Repucci <mich...@repucci.org> wrote: > I'm totally new to Django and authorized/secure web apps, and really > loving it for this. But I've got a few really novice questions. I've > got a model with a FileField, to which users can upload an arbitrary > file. In the model docs for the FileField it says, "Validate all > uploaded files." And I'm not sure where to do this or how. Is this > through the save_model method of the ModelAdmin class? If so, what is > the basic format, because not executing obj.save() didn't seem to do > the trick. > > Also, as mentioned in the docs, I don't want to allow a user to upload > a PHP script or similar, and execute it by visiting the link, but I > would like users to be able to place any of various file types on the > server so that other users can download them. Is it enough to just > exclude files with certain extensions (e.g., PHP, CGI, etc.), and if > so, is there a list of all the "dangerous" file extensions somewhere? > > Thanks for your help in advance! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---