def appearance_save(self, **kwargs): """Save :class:`~mediacore.forms.admin.settings.appearanceForm`.""" settings = request.settings accepted_extensions = ('.png', '.jpg', '.jpeg', '.gif') upload_field_filenames = [ ('appearance_logo', 'logo'), ('appearance_background_image', 'bg_image'), ] #Handle a reset to defaults request first if kwargs.get('reset', None): self._update_settings(dict(appearance_settings)) generate_appearance_css(appearance_settings) return redirect(controller='admin/settings', action='appearance') appearance_dir = os.path.join(config['cache.dir'], 'appearance') for field_name, file_name in upload_field_filenames: field = kwargs['general'].pop(field_name) if isinstance(field, FieldStorage): extension = os.path.splitext(field.filename)[1].lower() if extension in accepted_extensions: #TODO: Need to sanitize manually here? full_name = '%s%s' % (file_name, extension) permanent_file = open(os.path.join(appearance_dir, full_name), 'w') shutil.copyfileobj(field.file, permanent_file) permanent_file.close() field.file.close() kwargs['general'][field_name] = full_name continue # Preserve existing setting kwargs['general'][field_name] = settings.get(field_name, '') self._save(appearance_form, values=kwargs) generate_appearance_css( [(key, setting.value) for key, setting in c.settings.iteritems()], ) redirect(action='appearance')