On Tue, Aug 19, 2008 at 8:47 AM, Jon Atkinson <[EMAIL PROTECTED]> wrote: > I'm trying to work with a model which accepts a logo image upload via > an ImageField. My a cut down version of my model is below: > > class Promoter(models.Model): > name = models.CharField(max_length=100) > logo = models.ImageField(upload_to="/images/promoters/%Y/%m/%d/")
Drop the first slash in your path name. > When I try to upload the logo via the built-in admin interface, I get > the following error: > > SuspiciousOperation at /admin/promoters/promoter/add/ > Attempted access to '/images/promoters/2008/08/19/kitten.jpg' denied. > > In settings.py, my MEDIA_ROOT is set to an accessible directory in my > home folder: '/home/username/projectname/media/', and this folder has > it's permissions set to 777. But with that leading slash, you're trying to save to /images/promotors/%Y/%m/%d/, not /home/username/projectname/media/images/promotors/%Y/%m/%d/ like you want. That path probably doesn't exist, and Django would need unrestricted access to your system in order to create it for you. Needless to say, not a good situation. That SuspiciousOperation is in place to help prevent Django from trying to accidentally read or write from places on your filesystem it shouldn't have access to. Just drop the first slash in the path name (so it reads upload_to="images/promoters/%Y/%m/%d/") and you'll be all set. -Gul --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
