Upgrade to Pro — share decks privately, control downloads, hide ads and more …

15-437 Files

ThierrySans
September 17, 2013
Education
0
250

15-437 Files

ThierrySans

September 17, 2013
Tweet

More Decks by ThierrySans

See All by ThierrySans
CSCD27 Social Engineering
thierrysans
0
240
CSCD27 Web Security
thierrysans
0
410
CSCD27 Malicious Software
thierrysans
0
380
CSCD27 Protection
thierrysans
0
470
CSCD27 System Insecurity
thierrysans
0
400
CSCD27 Human Authentication
thierrysans
0
340
CSCD27 Network security
thierrysans
0
540
CSCD27 Network (in)security
thierrysans
0
550
CSCD27 Cryptography Protocols
thierrysans
0
690

Other Decks in Education

See All in Education
Blogit opetuksessa
matleenalaakso
0
1.6k
東工大 traP Kaggle班 機械学習講習会 2024
abap34
2
320
PSYC-560 R and R Studio Setup
jdbedics
0
520
LLMs for Social Simulation: Progress, Opportunities and Challenges
wingnus
1
100
Comezando coas redes
irocho
0
370
HCL Domino 14.0 AutoUpdate を試してみた
harunakano
0
1.7k
HCI Research Methods - Lecture 7 - Human-Computer Interaction (1023841ANR)
signer
PRO
0
710
謙虚なアジャイルコーチ__アダプティブ_ムーブ_による伴走支援.pdf
antmiyabin
0
270
Library Prefects 2024-2025
cbtlibrary
0
110
勉強したらどうなるの?
mineo_matsuya
10
6.5k
Beispiel einer Fortbildung für "Soziales Lernen"
gsgoethe
0
120
20240810_ワンオペ社内勉強会のノウハウ
ponponmikankan
2
880

Featured

See All Featured
A Tale of Four Properties
chriscoyier
156
23k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
329
21k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
6
430
Embracing the Ebb and Flow
colly
84
4.5k
How to Think Like a Performance Engineer
csswizardry
20
1.1k
Why Our Code Smells
bkeepers
PRO
334
57k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
27
4.3k
What's new in Ruby 2.0
geeforr
343
31k
What's in a price? How to price your products and services
michaelherold
243
12k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
4
370
For a Future-Friendly Web
brad_frost
175
9.4k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
26
2.1k

Transcript

  1. Handling Files Thierry Sans

  2. MIME Types

  3. MIME types MIME (Multipurpose Internet Mail Extensions)
 is also known

    as the content type ➡ Define the format of a document exchanged on internet 
 (IETF standard) http://www.iana.org/assignments/media-types/index.html

  4. Examples of MIME types • text/html • text/css • text/javascript

    • image/jpeg - image/gif - image/svg - image/png (and so on) • application/pdf • application/json

  5. Example of how images are retrieved <html>! <body>! <img src=images/bart.jpg/>!

    </body>! </html> GET hello/bart/ http://localhost/HelloYou/ http://www.example.com//hello/bart/ GET images/bart.jpg MIME : text/html MIME : image/jpg

  6. Client Side Uploading a file

  7. Upload FORM <form enctype="multipart/form-data" action="{% url 'add' %}" method="post">! <input

    id="upload" type="file" name="file"/>! <input type="text" name="name"/>! <input type="text" name="website"/>! </form>! <a id="publishButton">Publish</div> WebDirectory/templates/WebDirectory/index.html this form handles multiple formats of data the URL to submit the form uploading files must be done through a POST request

  8. Submitting the form with Javascript $(document).ready(function(){! $("#publishButton").click(function(){! $("form").submit();! });! });

    WebDirectory/static/WebDirectory/js/script.js

  9. Using drag’n drop ... ... that’s your homework 4 :)

  10. Server Side Saving and serving uploaded files

  11. Saving uploaded files Controller def add(request):! ... Database img mime

    path image/png path image/jpg The image path and the mime type are stored in the database POST add/ uploads The image is stored in the upload directory Image

  12. Configuring Django about where to upload files # Absolute filesystem

    path to the directory that will hold user-uploaded files.! # Example: "/home/media/media.lawrence.com/media/"! MEDIA_ROOT = os.path.join(BASE_DIR, 'uploads/') tsans/settings.py

  13. The model class Entry(models.Model):! # image = models.CharField(max_length=200)! name =

    models.CharField(max_length=200)! webpage = models.URLField(max_length=200)
 ! class Image(models.Model):! ! entry = models.ForeignKey(Entry, unique=True)! image = models.ImageField(upload_to='WebDirectory')! mimeType = models.CharField(max_length=20) WebDirectory/models.py where to store uploaded files use FileField for generic files We need to record the MIME type (see serving uploaded file) entry foreign key

  14. Migrating the WebDirectory database $ python manage.py makemigrations WebDirectory! $

    python manage.py migrate

  15. Controller - saving uploaded files from django.views.decorators.csrf import csrf_exempt! !

    @csrf_exempt! def add(request):! e = Entry(name = request.POST['name'],\! webpage = request.POST['website'])! e.save()
 ! i = Image(entry = e,\! image = request.FILES['file'],\! mimeType=request.FILES['file'].content_type)! i.save()
 ! return HttpResponseRedirect(reverse('index'))! WebDirectory/views.py get the file from the HTTP request Not secure but we will talk about security later get the MIME type

  16. Controller - serving uploaded files • How to serve these

    uploaded files? • Should we serve them as static files?

  17. Why not serving uploaded files as static files? Because we

    want to control • who can access these files • when to serve these files • how to serve these files

  18. A good way to serve uploaded files Have a method

    to control (controller) the file - getImage Reference the image using an identifier • automatically generated hash code • or database entry id (primary key in the database)

  19. How to define getImage Controller def getimage(request,imageid):! ... GET getimage/345/

    uploads Retrieve the image from the upload directory
 (this is done automatically by Django) Database img mime path image/png path image/jpg Get the image path and mime type from the database based on its id Return a HTTP response of the corresponding mime type Image

  20. Controller - serving uploaded files urlpatterns = patterns('',! url(r'^$', views.index,

    name='index'),! url(r'^add/$', views.add, name='add'),! url(r'^getimage/(?P<image_id>\d+)/$',\! views.getImage,\! name='getImage'),! ) WebDirectory/urls.py

  21. Controller - serving uploaded files def getImage(request,image_id):! i = Image.objects.get(id=image_id)!

    return HttpResponse(i.image.read(), content_type=i.mimeType)! ! def index(request):! ! image_list = Image.objects.all()! return render(request,’WebDirectory/index.html’,\
 {'image_list': image_list}) WebDirectory/views.py get the file from the database return an HTTP response of the corresponding MIME type

  22. Updating the image URL in the template WebDirectory/templates/WebDirectory/index.html ...! <div

    id="directory">! {% if image_list %}! {% for image in image_list %}! <div class="entry">! <div class="image"><img src="{% url 'getImage' image.id %}"/>! </div>! <div class=“name">{{image.entry.name}}</div>! <div class="website">! <a href=“{{image.entry.webpage}}”>
 ! ! ! {{image.entry.name}}'s website
 ! ! </a>! ...