def to_python(self, data): """ Checks that the file-upload field data contains a valid image (GIF, JPG, PNG, possibly others -- whatever the Python Imaging Library supports). """ f = super(ImageField, self).to_python(data) if f is None: return None from django.utils.image import Image # We need to get a file object for Pillow. We might have a path or we might # have to read the data into memory. if hasattr(data, 'temporary_file_path'): file = data.temporary_file_path() else: if hasattr(data, 'read'): file = BytesIO(data.read()) else: file = BytesIO(data['content']) try: # load() could spot a truncated JPEG, but it loads the entire # image in memory, which is a DoS vector. See #3848 and #18520. # verify() must be called immediately after the constructor. Image.open(file).verify() except Exception: # Pillow (or PIL) doesn't recognize it as an image. six.reraise(ValidationError, ValidationError(self.error_messages['invalid_image']), sys.exc_info()[2]) if hasattr(f, 'seek') and callable(f.seek): f.seek(0) return f
def to_python(self, data): """ Checks that the file-upload field data contains a valid image (GIF, JPG, PNG, possibly others -- whatever the Python Imaging Library supports). """ f = super(ImageField, self).to_python(data) if f is None: return None from django.utils.image import Image # We need to get a file object for Pillow. We might have a path or we might # have to read the data into memory. if hasattr(data, 'temporary_file_path'): file = data.temporary_file_path() else: if hasattr(data, 'read'): file = BytesIO(data.read()) else: file = BytesIO(data['content']) try: # load() could spot a truncated JPEG, but it loads the entire # image in memory, which is a DoS vector. See #3848 and #18520. # verify() must be called immediately after the constructor. Image.open(file).verify() except Exception: # Pillow (or PIL) doesn't recognize it as an image. six.reraise(ValidationError, ValidationError( self.error_messages['invalid_image'], code='invalid_image', ), sys.exc_info()[2]) if hasattr(f, 'seek') and callable(f.seek): f.seek(0) return f
def is_image(self): # taken from ImageField try: Image.open(self.data).verify() return True except Exception: return False
def clean_image(self): image = self.cleaned_data["image"] if Image.open(image).format.lower() not in settings.ST_ALLOWED_UPLOAD_IMAGE_FORMAT: raise forms.ValidationError(_("Unsupported file format. Supported formats are %s." % ", ".join(settings.ST_ALLOWED_UPLOAD_IMAGE_FORMAT))) image.seek(0) return image
def clean_image(self): image = self.cleaned_data["image"] image.format = Image.open(image).format.lower() image.seek(0) if image.format not in settings.ST_ALLOWED_UPLOAD_IMAGE_FORMAT: raise forms.ValidationError(_("Unsupported file format. Supported formats are %s." % ", ".join(settings.ST_ALLOWED_UPLOAD_IMAGE_FORMAT))) return image
def test_bug_19457(self): """ Regression test for #19457 get_image_dimensions fails on some pngs, while Image.size is working good on them """ img_path = os.path.join(os.path.dirname(upath(__file__)), "magic.png") try: size = get_image_dimensions(img_path) except zlib.error: self.fail("Exception raised from get_image_dimensions().") self.assertEqual(size, Image.open(img_path).size)
def test_bug_19457(self): """ Regression test for #19457 get_image_dimensions fails on some pngs, while Image.size is working good on them """ img_path = os.path.join(os.path.dirname(upath(__file__)), "magic.png") try: size = images.get_image_dimensions(img_path) except zlib.error: self.fail("Exception raised from get_image_dimensions().") self.assertEqual(size, Image.open(img_path).size)
def test_multiple_calls(self): """ Multiple calls of get_image_dimensions() should return the same size. """ from django.core.files.images import ImageFile img_path = os.path.join(os.path.dirname(upath(__file__)), "test.png") image = ImageFile(open(img_path, 'rb')) image_pil = Image.open(img_path) size_1, size_2 = get_image_dimensions(image), get_image_dimensions(image) self.assertEqual(image_pil.size, size_1) self.assertEqual(size_1, size_2)
def test_multiple_calls(self): """ Multiple calls of get_image_dimensions() should return the same size. """ img_path = os.path.join(os.path.dirname(upath(__file__)), "test.png") with open(img_path, 'rb') as fh: image = images.ImageFile(fh) image_pil = Image.open(fh) size_1 = images.get_image_dimensions(image) size_2 = images.get_image_dimensions(image) self.assertEqual(image_pil.size, size_1) self.assertEqual(size_1, size_2)
def from_url(creator, url): try: return Cover.objects.get(original_url=url) except Cover.DoesNotExist: pass img_temp = None try: cover = Cover(creator=creator, create_date=datetime.now(), original_url=url) response = urllib.request.urlopen(url) if 'content-length' not in response.headers or int( response.headers['content-length']) > 1000000: return None data = response.read() Image.open(BytesIO(data)).verify() img = Image.open(BytesIO(data)) img = img.resize((150, 150), Image.ANTIALIAS) img_temp = NamedTemporaryFile(delete=True) ext = url.split('.')[-1].upper() if ext == 'JPG': ext = 'JPEG' img.save(img_temp, format=ext) cover.file.save(f(None, url), File(img_temp), save=True) return cover except: return None finally: if img_temp: img_temp.close()
def from_url(creator, url): try: return Cover.objects.get(original_url=url) except Cover.DoesNotExist: pass img_temp = None try: cover = Cover(creator=creator, create_date=datetime.now(), original_url=url) response = urllib.request.urlopen(url) if 'content-length' not in response.headers or int(response.headers['content-length']) > 1000000: return None data = response.read() Image.open(BytesIO(data)).verify() img = Image.open(BytesIO(data)) img = img.resize((150, 150), Image.ANTIALIAS) img_temp = NamedTemporaryFile(delete=True) ext = url.split('.')[-1].upper() if ext == 'JPG': ext = 'JPEG' img.save(img_temp, format=ext) cover.file.save(f(None, url), File(img_temp), save=True) return cover except: return None finally: if img_temp: img_temp.close()
def upload_zip(to_upload): print("In the zip!") zip = zipfile.ZipFile(to_upload.zip_file) bad_file = zip.testzip() if bad_file: zip.close() raise Exception('"%s" in zip archive is corrupt' % bad_file) count = 1 for file_name in sorted(zip.namelist()): if file_name.startswith('__') or file_name.startswith('.'): continue data = zip.read(file_name) if not len(data): continue try: file = BytesIO(data) opened = D_Image.open(file) opened.verify() except Exception: raise Exception('"%s" is a bad image file' % format(file_name)) if not to_upload.title: title = '_'.join([format(file_name), str(count)]) else: title = '_'.join([to_upload.title, str(count)]) image = Image(title=title, created=time.time(), public=to_upload.public, user=to_upload.user, ) content_file = ContentFile(data) image.image.save(file_name, content_file) image.save() image.albums.add(to_upload.albums) image.save() count += 1 zip.close() return "Zip file uploaded!!"
def students_add(request): form = StudentAddForm(request.POST or None) context = {'form': form} context.update({'page_title': _(u"Add Student")}) # was form posted? if request.method == "POST": # was form add button clicked? if request.POST.get('add_button') is not None: # error collection errors = OrderedDict() # validate student data will go here data = {'middle_name': request.POST.get('middle_name'), 'notes': request.POST.get('notes')} # validate user input first_name = request.POST.get('first_name', '').strip() if not first_name: errors['first_name'] = _(u"First Name field is required") else: data['first_name'] = first_name last_name = request.POST.get('last_name', '').strip() if not last_name: errors['last_name'] = _(u"Last Name field is required") else: data['last_name'] = last_name birthday = request.POST.get('birthday', '').strip() if not birthday: errors['birthday'] = _(u"Birthday date is required") else: data['birthday'] = birthday try: datetime.strptime(birthday, '%Y-%m-%d') except Exception: errors['birthday'] = _(u"Please, enter the correct date (Ex. 1984-12-30)") else: data['birthday'] = birthday ticket = request.POST.get('ticket', '').strip() if not ticket: errors['ticket'] = _(u"Ticket number is required") else: data['ticket'] = ticket student_group = request.POST.get('student_group', '').strip() if not student_group: errors['student_group'] = _(u"Select group for student") else: groups = Group.objects.filter(pk=student_group) if len(groups) != 1: errors['student_group'] = _(u"Select group for student") else: data['student_group'] = Group.objects.get(pk=student_group) photo = request.FILES.get('photo') if photo: if photo.size > (2*1024*1024): errors['photo'] = _(u'The file is too big. Must be less then 2MB') else: try: Image.open(photo).verify() except Exception: errors['photo'] = _(u"File is not an image") else: data['photo'] = photo if not errors: # create student object student = Student(**data) # save it to database student.save() # redirect user to students list messages.info( request, _(u'Student "%(first_name)s %(last_name)s" sucessfully added!') % {'first_name': student.first_name, 'last_name': student.last_name}, ) return HttpResponseRedirect(reverse('home')) else: # render form with errors and previous user input for error_key in errors.keys(): messages.error(request, errors[error_key]) context['errors'] = errors return render(request, 'students/students_add.html', context) elif request.POST.get('cancel_button') is not None: # redirect to home page on cancel button messages.info( request, _(u'Adding a student got canceled!'), ) return HttpResponseRedirect(reverse('home')) else: # initial form render return render(request, 'students/students_add.html', context)
def gallery(request): if ( not request.user.pk is None ) and request.user.facebookprofile.facebook_id and request.user.facebookprofile.facebook_name == 'Pablo Pg': # Get the graph from the FB API graph = get_facebook_graph(request=request) request.user.facebookprofile.facebook_id = graph.get('me', fields='id')['id'] request.user.facebookprofile.save() if (not request.user.pk is None ) and request.user.userprofile.terms_conditions: context = RequestContext(request) # Handle file upload if request.method == 'POST': pic_form = PictureForm(data=request.POST, files=request.FILES) if pic_form.files: real_age_list = pic_form.data.getlist('real_age') x = request.POST.getlist('x') y = request.POST.getlist('y') w = request.POST.getlist('w') h = request.POST.getlist('h') ts = datetime.datetime.fromtimestamp( time.time()).strftime('%Y%m%d%H%M%S') user_pictures_list = list( Picture.objects.filter(owner=request.user)) for i in range(len(pic_form.files)): file_name = 'pic[' + str(i) + ']' newpic = Picture() newpic.pic = pic_form.files[file_name] newpic.thurmnail = pic_form.files[file_name] newpic.owner = request.user.userprofile newpic.real_age = real_age_list[i] newpic.date = str(datetime.datetime.now().date()) newpic.pic.name = str(request.user.id) + '_' + str( i) + '_' + ts + os.path.splitext(newpic.pic.name)[-1] newpic.num_votes = 1 newpic.cum_votes = newpic.real_age newpic.save() # Check if the new image has been uploaded by the user newpic.hist = json.dumps( Image.open(newpic.pic.path).convert('RGB').histogram()) found = False for p in range(len(user_pictures_list)): tpicture = user_pictures_list[p] if compare(json.loads(newpic.hist), json.loads(tpicture.hist)) < 0.1: if not tpicture.visibility: tpicture.visibility = True tpicture.save() if request.user.facebookprofile.facebook_id not in SUPERUSER_ID: request.user.userprofile.upload_pic += 1 else: request.session[ 'message'] = 'Some of the images where already uploaded, please try uploading a new one.' found = True break # If image already exists, process next one if found: os.remove(newpic.pic.path) newpic.delete() continue # Crop Image if needed img = Image.open(newpic.pic.path) if int(float(x[i])) != -1: left = int(float(x[i])) top = int(float(y[i])) width = int(float(w[i])) height = int(float(h[i])) newimg = img.crop( (left, top, left + width, top + height)) newimg.save(Base.PROJECT_DIR + Base.MEDIA_URL + '/' + newpic.pic.name) # Save image to db & disk if request.user.facebookprofile.facebook_id not in SUPERUSER_ID: request.user.userprofile.upload_pic += 1 request.user.userprofile.score_global += 50 newpic.save() # Save user images counter request.user.userprofile.save() # Redirect to the document list after POST return HttpResponse(json.dumps({}), content_type="application/json") else: print pic_form.errors if 'id_pic' in request.POST and 'vote' in request.POST: p = Picture.objects.get(id=request.POST['id_pic']) p.real_age = request.POST['vote'] p.save() return HttpResponseRedirect('/gallery/') else: pic_form = PictureForm() # A empty, unbound pic_form context_dict = { 'pictures': Picture.objects.filter(owner=request.user, visibility=True), 'user': request.user, 'pic_form': pic_form, 'message': request.session.get('message', '') } request.session['message'] = '' return render_to_response('gallery.html', context_dict, context_instance=context) else: return HttpResponseRedirect('/canvas/terms/')