Thanks for your reply, Dave. However, I don't really get the part on "drag and drop" - do you mean drag and drop the file into the field? Will it work for a text area?
Please kindly elaborate. Thank you once again, Maurice On Friday, 26 May 2017 02:55:50 UTC+8, Dave S wrote: > > > > On Thursday, May 25, 2017 at 8:34:44 AM UTC-7, Maurice Ling wrote: >> >> Hi everyone, >> >> I am stuck with an issue - please refer to the code below. >> >> [...] >> > 5. I will the want to copy the file into application/<app name>/upload >> folder using shutils (lines 17-25) but the file name will be changed to >> entry.file.<random number>.<original file name> >> 6. However, this does not work as I get the error that the file is not >> found. >> 7. For debugging, I print the source file name (line 21) and it only gave >> me the file name when I will need the entire file path for shutil.copy2() >> at line 25 to work. >> *[...]* >> > sourcefile = form.vars.uploadfile.filename >> > >> 1. print sourcefile >> 2. newfile = upload_dir + os.sep + 'entry.file.' + \ >> 3. str(int(random.random()*10000000000000)) + >> \ >> 4. os.path.splitext(sourcefile)[-1] >> 5. shutil.copy2(sourcefile, newfile) >> 6. >> >> [...] >> > > A browser won't tell you the path to the file, just the filename. It's a > security measure. The shutil.copy2() call can only handle files local to > the server. If you're using this page locally on the server, then you can > provide the path information through other channels. > > I do something like this on my home machine, because I'm using my app to > tag my photos. Currently, I provide a text field on the form to enter > path (separate from filename), but I check that path against a list I keep > in the code. That limits the amount filesystem exploration someone could > do if they somehow got access to my app. > (BTW, drag-and-drop works for getting the filename into its field). > > /dps > > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
