On Mon, Apr 12, 2010 at 3:28 PM, phoebebright <phoebebright...@gmail.com>wrote:
> If you edit an item in admin, a files uploaded are displayed above the > input field. But if the model form is loaded with an instance, the > form seems unaware that there may already be an uploaded file. No > existing file is displayed and if the form is resaved, the uploaded > file link is lost. > The admin uses a special widget for file fields, see http://code.djangoproject.com/browser/django/tags/releases/1.1.1/django/contrib/admin/widgets.py#L85. That's what causes the existing value with link to be displayed in admin. > Am populating the form like this: requestForm = > RequestForm(instance=comm) > > Found a similar question here: > > http://groups.google.com/group/django-users/browse_thread/thread/1ba9bd1ae11c4e1a/a0c865b9317626ac?lnk=gst&q=upload+file#a0c865b9317626ac > and here > > http://groups.google.com/group/django-users/browse_thread/thread/b3de8d6ef3fd8da9/1271517128e75720?lnk=gst&q=upload+file#1271517128e75720 > with now answers > > A partial answer here:http://groups.google.com/group/django-users/ > browse_thread/thread/14922dca454e3782/d3b370cc47fe9ca1?lnk=gst&q=upload > +file#d3b370cc47fe9ca1<http://groups.google.com/group/django-users/%0Abrowse_thread/thread/14922dca454e3782/d3b370cc47fe9ca1?lnk=gst&q=upload%0A+file#d3b370cc47fe9ca1> > To the effect that this behaviour is correct due to security issue. Is > that the case? > Browsers will not render an initial value for a file input, so as to prevent malicious web sites from pre-filling such fields with values that may cause upload of sensitive data if an unwitting user just presses OK or something on a form. Thus if you want a file field to include information about an already-existing value, you need to have the form display more than just the plain file input that normally goes with a file field. You need something like the admin's special widget (possibly you could just use the admin's special widget directly, I have not looked at it closely enough to tell one way or the other). Karen -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
