def create_profile(self, request, user): if self.avatar_file.data: upload_file = request.files[self.avatar_file.name] if upload_file and allowed_file(upload_file.filename): # Don't trust any input, we use a random string as filename. # or use secure_filename: # http://flask.pocoo.org/docs/patterns/fileuploads/ user_upload_dir = os.path.join( current_app.config['UPLOAD_FOLDER'], "user_%s" % user.id) current_app.logger.debug(user_upload_dir) make_dir(user_upload_dir) root, ext = os.path.splitext(upload_file.filename) today = datetime.now().strftime('_%Y-%m-%d') # Hash file content as filename. hash_filename = hashlib.sha1( upload_file.read()).hexdigest() + "_" + today + ext user.avatar = hash_filename avatar_ab_path = os.path.join(user_upload_dir, user.avatar) # Reset file curso since we used read() upload_file.seek(0) upload_file.save(avatar_ab_path) self.populate_obj(user) self.populate_obj(user.user_detail) db.session.add(user) db.session.commit()
def create_profile(self, request, user): if self.avatar_file.data: upload_file = request.files[self.avatar_file.name] if upload_file and allowed_file(upload_file.filename): # Don't trust any input, we use a random string as filename. # or use secure_filename: # http://flask.pocoo.org/docs/patterns/fileuploads/ user_upload_dir = os.path.join(current_app.config['UPLOAD_FOLDER'], "user_%s" % user.id) current_app.logger.debug(user_upload_dir) make_dir(user_upload_dir) root, ext = os.path.splitext(upload_file.filename) today = datetime.now().strftime('_%Y-%m-%d') # Hash file content as filename. hash_filename = hashlib.sha1(upload_file.read()).hexdigest() + "_" + today + ext user.avatar = hash_filename avatar_ab_path = os.path.join(user_upload_dir, user.avatar) # Reset file curso since we used read() upload_file.seek(0) upload_file.save(avatar_ab_path) self.populate_obj(user) self.populate_obj(user.user_detail) db.session.add(user) db.session.commit()
def validate_avatar_file(form, field): if field.data and not allowed_file(field.data.filename): raise ValidationError( _("Please only upload files with extensions:") + " %s" % "/".join(ALLOWED_AVATAR_EXTENSIONS))
def validate_avatar_file(form, field): if field.data and not allowed_file(field.data.filename): raise ValidationError(_("Please only upload files with extensions:") + " %s" % "/".join(ALLOWED_AVATAR_EXTENSIONS))